I have a program that reinstalls itself when I restart the computer, and .mado ransomware

Hello

Let me explain what has been happening to me:

Two days ago I downloaded a program for making funny photos, etc. The problem started when, all of a sudden, programs began installing themselves without my permission; it modified the OS startup and changed my default programs, for example:

Thank you, and I look forward to your kind help.

I'm pasting the AdwCleaner log:

> # -------------------------------
> # Malwarebytes AdwCleaner 8.0.4.0
> # -------------------------------
> # Build:    04-03-2020
> # Database: 2020-04-03.1 (Cloud)
> # Support:  https://www.malwarebytes.com/support
> #
> # -------------------------------
> # Mode: Clean
> # -------------------------------
> # Start:    04-03-2020
> # Duration: 00:00:07
> # OS:       Windows 7 Home Premium
> # Cleaned:  9
> # Failed:   0
> 
> 
> ***** [ Services ] *****
> 
> No malicious services cleaned.
> 
> ***** [ Folders ] *****
> 
> Deleted       C:\Program Files (x86)\Seed Trade
> 
> ***** [ Files ] *****
> 
> No malicious files cleaned.
> 
> ***** [ DLL ] *****
> 
> No malicious DLLs cleaned.
> 
> ***** [ WMI ] *****
> 
> No malicious WMI cleaned.
> 
> ***** [ Shortcuts ] *****
> 
> Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
> Deleted       C:\Users\Pichulodance\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
> Deleted       C:\Users\Pichulodance\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
> Deleted       C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
> Deleted       C:\Users\Pichulodance\Desktop\Google Chrome.lnk
> 
> ***** [ Tasks ] *****
> 
> No malicious tasks cleaned.
> 
> ***** [ Registry ] *****
> 
> Deleted       HKCU\Software\DreamTrips
> 
> ***** [ Chromium (and derivatives) ] *****
> 
> No malicious Chromium entries cleaned.
> 
> ***** [ Chromium URLs ] *****
> 
> Deleted       WebSearch
> Deleted       WebSearch
> 
> ***** [ Firefox (and derivatives) ] *****
> 
> No malicious Firefox entries cleaned.
> 
> ***** [ Firefox URLs ] *****
> 
> No malicious Firefox URLs cleaned.
> 
> ***** [ Hosts File Entries ] *****
> 
> No malicious hosts file entries cleaned.
> 
> ***** [ Preinstalled Software ] *****
> 
> No Preinstalled Software cleaned.
> 
> 
> *************************
> 
> [+] Delete Tracing Keys
> [+] Reset Winsock
> 
> *************************
> 
> AdwCleaner[S00].txt - [2340 octets] - [03/04/2020 22:46:48]
> 
> ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

I'm pasting the Malwarebytes reports:

Log 1:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 2/4/20
Hora del análisis: 19:55
Archivo de registro: 043005e4-7535-11ea-817d-e81132693147.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.21808
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Pichulodance-PC\Pichulodance

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 287808
Amenazas detectadas: 237
Amenazas en cuarentena: 231
Tiempo transcurrido: 24 min, 5 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 2
Trojan.VBCrypt, C:\WINDOWS\SYSTEM\EXPLORER.EXE, En cuarentena, 4387, 707843, , , , 
Trojan.Agent, C:\WINDOWS\SYSTEM\SVCHOST.EXE, En cuarentena, 490, 216034, , , , 

Módulo: 2
Trojan.VBCrypt, C:\WINDOWS\SYSTEM\EXPLORER.EXE, En cuarentena, 4387, 707843, , , , 
Trojan.Agent, C:\WINDOWS\SYSTEM\SVCHOST.EXE, En cuarentena, 490, 216034, , , , 

Clave del registro: 31
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, 520, 584322, 1.0.21808, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, 520, 518478, 1.0.21808, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, 520, 518476, 1.0.21808, , ame, 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{117849F4-7BD9-4277-89CE-A1F555D401E1}, En cuarentena, 5890, 785147, 1.0.21808, , ame, 
Trojan.SmokeLoader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{850D4D04-AD09-4F7E-875E-F4EB8B93611D}, Se eliminará al reiniciar, 1113, 676758, 1.0.21808, , ame, 
Trojan.VBCrypt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999}, En cuarentena, 4387, 707843, , , , 
Trojan.VBCrypt, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999}, En cuarentena, 4387, 707843, , , , 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B80D6C85-0154-41F7-BA14-637630B9D5C1}, En cuarentena, 5890, 785147, 1.0.21808, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Time Synchronization\VIEWUTCTIME, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En cuarentena, 1170, -1, 0.0.0, , action, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En cuarentena, 6935, 252393, 1.0.21808, , ame, 
Trojan.FakeTool.E, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\DreamTrips, Se eliminará al reiniciar, 3112, 701670, 1.0.21808, , ame, 
Adware.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\mtAppriabuS, En cuarentena, 903, 487895, 1.0.21808, , ame, 
Trojan.SmokeLoader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPERA SCHEDULED AUTOUPDATE 711520318, En cuarentena, 1113, 676756, , , , 
Trojan.SmokeLoader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{850D4D04-AD09-4F7E-875E-F4EB8B93611D}, Se eliminará al reiniciar, 1113, 676756, , , , 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SearchNewTab, En cuarentena, 5890, 785148, , , , 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B80D6C85-0154-41F7-BA14-637630B9D5C1}, En cuarentena, 5890, 785148, , , , 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SearchNewTab2, En cuarentena, 5890, 785148, , , , 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{117849F4-7BD9-4277-89CE-A1F555D401E1}, En cuarentena, 5890, 785148, , , , 
Trojan.CrthRazy, HKLM\SOFTWARE\WOW6432NODE\Machiner, En cuarentena, 3166, 676882, 1.0.21808, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtAppriabuS, En cuarentena, 903, 487896, 1.0.21808, , ame, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En cuarentena, 6935, 252393, 1.0.21808, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\AppriabuS.exe, En cuarentena, 903, 487893, 1.0.21808, , ame, 
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666}, Se eliminará al reiniciar, 490, 165494, , , , 
Trojan.Agent, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666}, En cuarentena, 490, 165494, 1.0.21808, , ame, 
Trojan.MalPack.GS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C7BB50C6-9718-4156-9DB2-9E4801285DEC}, En cuarentena, 8186, 805531, , , , 
Trojan.MalPack.GS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{C7BB50C6-9718-4156-9DB2-9E4801285DEC}, En cuarentena, 8186, 805531, , , , 
PUP.Optional.BookHelper.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En cuarentena, 15099, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, En cuarentena, 15099, -1, 0.0.0, , action, 

Valor del registro: 19
Rootkit.Agent, HKLM\SOFTWARE\MICROSOFT|MSVER1, En cuarentena, 489, 678869, 1.0.21808, , ame, 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{117849F4-7BD9-4277-89CE-A1F555D401E1}|PATH, En cuarentena, 5890, 785147, 1.0.21808, , ame, 
Trojan.SmokeLoader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{850D4D04-AD09-4F7E-875E-F4EB8B93611D}|PATH, En cuarentena, 1113, 676758, 1.0.21808, , ame, 
PUP.Optional.PBot, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B80D6C85-0154-41F7-BA14-637630B9D5C1}|PATH, En cuarentena, 5890, 785147, 1.0.21808, , ame, 
Trojan.VBCrypt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Explorer, En cuarentena, 4387, 707843, , , , 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}|PATH, En cuarentena, 1170, 784089, 1.0.21808, , ame, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, 6935, 252393, 1.0.21808, , ame, 
PUM.Optional.MSExclusion, HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS|C:\WINDOWS\SYSWOW64\AFDEMPCY, Error durante la eliminación, 6973, 692398, 1.0.21808, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 903, -1, 0.0.0, , action, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 903, -1, 0.0.0, , action, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, 6935, 252393, 1.0.21808, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 921, 259988, 1.0.21808, , ame, 
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|SVCHOST, En cuarentena, 490, 216034, 1.0.21808, , ame, 
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mibyhy2, En cuarentena, 548, 803340, , , , 
PUP.Optional.BookHelper.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, En cuarentena, 15099, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME\ExtensionInstallWhitelist|1, En cuarentena, 15099, 784086, , , , 

Datos del registro: 7
Trojan.VBCrypt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell, Sustituido, 4387, 707843, , , , 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, 921, 293485, 1.0.21808, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 921, 293485, 1.0.21808, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 921, 293485, 1.0.21808, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 921, 293485, 1.0.21808, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 921, 293486, 1.0.21808, , ame, 
PUM.Optional.DisableTaskMgr, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DISABLETASKMGR, Sustituido, 13629, 293320, 1.0.21808, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 14
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\ondemand, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\temp, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\PROGRAMDATA\APPRIABUS, En cuarentena, 903, 487891, 1.0.21808, , ame, 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\ElectronCash, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\ElectrumLTC, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\MultiDoge, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\Electrum, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\Ethereum, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\Exodus, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ\files\Wallets\JAXX, En cuarentena, 899, 697276, , , , 
Spyware.StolenData.E, C:\PROGRAMDATA\9EP2E6TDKYPKLSE7MFU402NWJ\FILES\Wallets, En cuarentena, 899, 697276, 1.0.21808, , ame, 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV, En cuarentena, 1278, 805275, , , , 
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\APPRIABUSS, En cuarentena, 201, 380106, 1.0.21808, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\PICHULODANCE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EJMNEBAJFPGDEKLPPOHLLGKIAFLHEEOO, En cuarentena, 15099, 784086, 1.0.21808, , ame, 

Archivo: 162
Trojan.VBCrypt, C:\WINDOWS\SYSTEM\SPOOLSV.EXE, Error durante la eliminación, 4387, 707843, 1.0.21808, 365D9E2C78B66730E3095438, dds, 00659371
Trojan.VBCrypt, C:\WINDOWS\SYSTEM\EXPLORER.EXE, En cuarentena, 4387, 707843, 1.0.21808, 365D9E2C78B66730E3095438, dds, 00659371
Trojan.VBCrypt, C:\USERS\PICHULODANCE\APPDATA\ROAMING\MRSYS.EXE, Error durante la eliminación, 4387, 707843, 1.0.21808, 365D9E2C78B66730E3095438, dds, 00659371
Trojan.Agent.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\VIEWUTCTIME, En cuarentena, 1170, 730637, 1.0.21808, , ame, 
Trojan.MalPack.GS, C:\USERS\PICHULODANCE\APPDATA\LOCAL\86f1076d-4f0f-4afd-bcf6-b5e1096de121\7C50.tmp.exe, En cuarentena, 8186, 805941, 1.0.21808, 72E571BAEEAED1C0F9D3511E, dds, 00659371
Trojan.SmokeLoader, C:\WINDOWS\SYSTEM32\TASKS\OPERA SCHEDULED AUTOUPDATE 711520318, En cuarentena, 1113, 676756, 1.0.21808, , ame, 
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En cuarentena, 423, 715618, 1.0.21808, , ame, 
PUP.Optional.PBot, C:\WINDOWS\SYSTEM32\TASKS\SearchNewTab, En cuarentena, 5890, 785148, 1.0.21808, , ame, 
PUP.Optional.PBot, C:\WINDOWS\SYSTEM32\TASKS\SearchNewTab2, En cuarentena, 5890, 785148, 1.0.21808, , ame, 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\AppriabuS.d.dat, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\conf.config, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Kinron.dat, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Latlax.exe.config, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Mathair.exe.config, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\md.xml, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\RanHattam.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\RonStatfax.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Sanjob.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Single-Stock.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Singlecof.dat, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\SonDubhold.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Sunstring.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Tinsaodom.dat, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\uninstall.dat, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Voltdom.bin, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\ymzbp1it.xml, En cuarentena, 903, 487891, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\devcon.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\OemVista.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\tap0901.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\devcon.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\FakeClient.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WdfCoInstaller01009.dll, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.dll, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\oas_sert.cer, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.log, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror2.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\kmsauto.ini, En cuarentena, 1278, 805275, , , , 
Generic.Malware/Suspicious, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\IS-75LCQ.TMP\BATTALA.EXE, En cuarentena, 0, 392686, 1.0.21808, , shuriken, 
Trojan.Agent, C:\WINDOWS\SYSTEM\SVCHOST.EXE, En cuarentena, 490, 216034, , , , 
Trojan.Downloader, C:\WINDOWS\MIBYHY2.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\APPRIABUSS\FF.HP, En cuarentena, 201, 380106, 1.0.21808, , ame, 
PUP.Optional.Linkury.Generic, C:\ProgramData\AppriabuSs\ff.NT, En cuarentena, 201, 380106, , , , 
PUP.Optional.Linkury.Generic, C:\ProgramData\AppriabuSs\snp.sc, En cuarentena, 201, 380106, , , , 
Trojan.VBCrypt, C:\USERS\PICHULODANCE\APPDATA\LOCAL\STSYS.EXE, Error durante la eliminación, 4387, 707843, 1.0.21808, 365D9E2C78B66730E3095438, dds, 00659371
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301411, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301414, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301415, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301416, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301417, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 301418, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302764, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302766, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 302766, 1.0.21808, , ame, 
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 15343, 324964, 1.0.21808, , ame, 
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5251, 353143, 1.0.21808, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\PICHULODANCE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 15099, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\PICHULODANCE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 15099, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\PICHULODANCE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EJMNEBAJFPGDEKLPPOHLLGKIAFLHEEOO\1.0.0.0_0\MANIFEST.JSON, En cuarentena, 15099, 784086, 1.0.21808, , ame, 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 15022, 444922, 1.0.21808, , ame, 
Trojan.MalPack.GS, C:\USERS\PICHULODANCE\APPDATA\ROAMING\MICROSOFT\WINDOWS\VCAWHWGE\HTSIFIID.EXE, En cuarentena, 8186, 805531, 1.0.21808, 88A3E521979B11967628BE85, dds, 00659371
PUP.Optional.GameHack, C:\PROGRAM FILES\CHEAT ENGINE 7.0\STANDALONEPHASE1.DAT, En cuarentena, 7921, 393793, 1.0.21808, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Error durante la eliminación, 15099, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Error durante la eliminación, 15099, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En cuarentena, 15099, -1, 0.0.0, , action, 
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\1WYJA1N4GNG\1WC2V1Y5KCY.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\25MP22JOFOZ\0A5OYMUHPVR.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\5NZB0RUOHT4\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\BQ2SIVGE2SH\FFIFAUYLVVB.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\EKD2POZUAK4\KU5KQTCRGCV.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\GI03DCP3M0U\GNAB2JBUUZ1.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\1QDYOZBN5YK\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\A4UADV0EWR4\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\DIQYZXDVUTB\SB0AD2KZV1V.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\F0MSDEMCGMQ\UKAT5LPNCWE.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\GOY05X5DVOF\WZR1KIQNGR3.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\3STX1JWPW1N\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\BAUJ2RHXUQK\KTYBMDD1USF.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\DXADP0X4YX2\NWE3AAWZHH3.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\G0BKDZ1CYTQ\3F2GQKMLDBF.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Dropper, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\HWDJFXPUKD4\DREAMTRIPS_MIX3.EXE, En cuarentena, 832, 653844, 1.0.21808, 737CAE3A440CBC971ACCCF8B, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\JVRZ2G3S2DL\LUKZF1ATE1Q.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\NTCNSWV4CG4\25F5LC4MGOS.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\Q11SNLSPFMI\ME04YATRWPP.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\U2R54BM03PZ\WFMBJNZACEX.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\VUYX2UFBTIU\Q33NHNFVLMR.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\JEJT1HAZC2C\MDY1GZ53ZR4.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\M2NCVWSOHMR\CJK1DJR3T2L.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\XB4JACXRJMC\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\N3KWC4BL3NF\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\ZB2P1HY2DV0\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\PAHBE0ZCZQV\A4YX3NJWZWH.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\TN454XQGRSV\SF5CRR2CXGJ.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\VSJVOYILF24\ZE5GI0DPCFS.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\WQV4JF4ZBIJ\HIFZVRXZBFB.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Spyware.PasswordStealer, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\IW0SCD5BJ13\WYFDGGM.EXE, En cuarentena, 547, 801780, 1.0.21808, 9474C2B89602D9F8FFB1BFF0, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\YR4TXKVLL55\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\KR2Z5ES3DVZ\YAP5XPCMAU1.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\N01YSYSQX2F\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.MalPack.GS, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\7C50.TMP.EXE, En cuarentena, 8186, 805941, 1.0.21808, 72E571BAEEAED1C0F9D3511E, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\OMETLVUB1OT\XAJMNJ1OL1H.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\TFTZLDAQU5S\WTY1F1PSMLD.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\V4QYGRTYON3\WKTLQNPBCDR.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\WFEGP35V4PD\53K03Y42SSJ.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\XIIEDF4GKTR\XOJGX1BDM4Z.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\ZPPDK4NCTU2\N00M14K2GUY.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\0V1GPMRAZ1J\YT051YZD201.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\31KV5YZHQR0\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\B53GLYBKE1L\4WCZJJEFJNT.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\DNAKB4WEOMY\Y50E3KZWPZF.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\FKD5OWMXUY2\LMTLIMUTMAE.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\HDTUGXRFR33\DQKBOHXLHRF.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.3743351614, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\IS-75LCQ.TMP\DAZOUAHMED.EXE, En cuarentena, 1000000, 0, 1.0.21808, 278843FD3B452E75DF1F033E, dds, 00659371
Malware.Generic.3743351614, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\IS-J93MN.TMP\FUMERTE.EXE, En cuarentena, 1000000, 0, 1.0.21808, 278843FD3B452E75DF1F033E, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\21QH1UI1BFU\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\5OJ2PUBC3QN\3INWVAHSFQW.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\C1Z102RGWLC\IANJT5YX04T.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\ESQR3EMBPOH\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\GIDFXXHOH4L\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\J4VTVCZEQFH\24T5RCHORYQ.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\LB4SYE444QY\PYTZGJ3L3OA.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\N1T2IKPICGB\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\OUUKZQWPYAN\5DMZI0VXH2U.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.OxyPumper, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\V5F6W8D2W5L0J3\R1P5G4T5J1W4O4.EXE, En cuarentena, 4211, 778535, 1.0.21808, D33CB6614C56B68A410B419A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\WM2K33JVP0A\1MWYZ1MKBXV.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\Y25PI4JSOMQ\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.MalPack.GS, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\2507949499.EXE, En cuarentena, 8186, 806441, 1.0.21808, 170A4582C1153CBCE04D87C3, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\K245DPFH34P\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\MUBLMLUQV4K\HNB1FPY1RQI.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\O4WJ1ICEOW0\HMEBCCF45RO.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\SRMI30VJCS1\1VB1SZGG5PJ.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\USGIYKQETVA\AVPY5KMLIES.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\VYVE30WS2K3\LTWI2YN4C30.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\XCBLZYFRCIV\MIHZUMGAYPL.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\ZD3KVF1QDXR\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\1V0K32WD3TA\EP5U5Z3OUVI.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\45OSOPQILDI\01CGUN2V2NE.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\BC1QS2VF4CF\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\E2035RMQHZ3\03IOZJ12YIQ.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Malware.Generic.437083983, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\GFY23GOCKUJ\WTFS15L501B.EXE, En cuarentena, 1000000, 0, 1.0.21808, BDC4C4CDB35959521A0D5F4F, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\I5ISJRKYMBV\M1LTSHXHHPG.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\JI233ZQHZO2\ZKRXHGS0PJT.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\NLNFTQ0YGX2\3S1SVEWDYVG.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\PC4BM53V4CD\ZOHAS3RMNUC.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Adware.Csdimonetize, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\TUJ1HJICWST\0DMP33S0S3O.EXE, En cuarentena, 2943, 648561, 1.0.21808, D56760940CDC7A6C9D57395A, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\VSVH5USCWNE\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371
Trojan.VBCrypt, C:\USERS\PICHULODANCE\DESKTOP\Game\River Raider II.lnk, En cuarentena, 4387, 707843, , , , 
Trojan.VBCrypt, C:\GAMES\RIVER RAIDER II\RIVER RAIDER II.EXE, En cuarentena, 4387, 707843, 1.0.21808, , ame, 
Generic.Malware/Suspicious, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\WV2B2UATRPL\SEARCHNEWTAB.EXE, En cuarentena, 0, 392686, 1.0.21808, , shuriken, 
Trojan.VBCrypt, C:\USERS\PICHULODANCE\DESKTOP\Game\Left 2 Dead.lnk, En cuarentena, 4387, 707843, , , , 
Trojan.VBCrypt, C:\GAMES\LEFT 2 DEAD\LEFT 2 DEAD\LEFT4DEAD2.EXE, En cuarentena, 4387, 707843, 1.0.21808, 0A74C2711727500D51C85660, dds, 00659371
Trojan.Downloader, C:\USERS\PICHULODANCE\APPDATA\LOCAL\TEMP\YYV0A2BITCH\IFHVVYY.EXE, En cuarentena, 548, 803340, 1.0.21808, 6CFDAE9821169A03F9E51510, dds, 00659371

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Log 2:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 3/4/20
Hora del análisis: 23:04
Archivo de registro: 9069192c-7618-11ea-b5b8-e81132693147.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.21876
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Pichulodance-PC\Pichulodance

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 271171
Amenazas detectadas: 66
Amenazas en cuarentena: 64
Tiempo transcurrido: 12 min, 16 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 14
Adware.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\mtAppriabuS, En cuarentena, 903, 487895, 1.0.21876, , ame, 
Trojan.CrthRazy, HKLM\SOFTWARE\WOW6432NODE\Machiner, En cuarentena, 3166, 676882, 1.0.21876, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtAppriabuS, En cuarentena, 903, 487896, 1.0.21876, , ame, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En cuarentena, 6936, 252393, 1.0.21876, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\Time Synchronization\VIEWUTCTIME, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}, En cuarentena, 1170, 730637, , , , 
Trojan.Agent.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En cuarentena, 1170, -1, 0.0.0, , action, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\AppriabuS.exe, En cuarentena, 903, 487893, 1.0.21876, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, 520, 584322, 1.0.21876, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, 520, 518478, 1.0.21876, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, 520, 518476, 1.0.21876, , ame, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En cuarentena, 6936, 252393, 1.0.21876, , ame, 
Trojan.Agent, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666}, En cuarentena, 490, 165494, 1.0.21876, , ame, 

Valor del registro: 9
Adware.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 903, -1, 0.0.0, , action, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 903, -1, 0.0.0, , action, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, 6936, 252393, 1.0.21876, , ame, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
Trojan.Agent.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 1170, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 921, 259988, 1.0.21876, , ame, 
Trojan.Agent.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EBE75E23-FF77-43D8-B9C8-B3E2835E54EE}|PATH, En cuarentena, 1170, 784089, 1.0.21876, , ame, 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En cuarentena, 6936, 252393, 1.0.21876, , ame, 

Datos del registro: 5
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Sustituido, 921, 293485, 1.0.21876, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sustituido, 921, 293485, 1.0.21876, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 921, 293485, 1.0.21876, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 921, 293485, 1.0.21876, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 921, 293486, 1.0.21876, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 4
Adware.Linkury.ACMB1, C:\PROGRAMDATA\APPRIABUS, En cuarentena, 903, 487891, 1.0.21876, , ame, 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV, En cuarentena, 1278, 805275, , , , 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\B9QFRCC84F, En cuarentena, 3711, 357599, 1.0.21876, , ame, 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\WADTNRSGQ9, En cuarentena, 3711, 357599, 1.0.21876, , ame, 

Archivo: 34
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En cuarentena, 423, 715618, 1.0.21876, , ame, 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\conf.config, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Latlax.exe.config, En cuarentena, 903, 487891, , , , 
Adware.Linkury.ACMB1, C:\ProgramData\AppriabuS\Mathair.exe.config, En cuarentena, 903, 487891, , , , 
Trojan.Agent.PrxySvrRST, C:\WINDOWS\SYSTEM32\TASKS\MICROSOFT\WINDOWS\TIME SYNCHRONIZATION\VIEWUTCTIME, En cuarentena, 1170, 730637, 1.0.21876, , ame, 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\devcon.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\OemVista.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\tap0901.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\devcon.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\FakeClient.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WdfCoInstaller01009.dll, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.dll, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.inf, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.sys, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror2.exe, En cuarentena, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\kmsauto.ini, En cuarentena, 1278, 805275, , , , 
RiskWare.DontStealOurSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Sustituido, 5251, 353143, 1.0.21876, , ame, 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\B9QFRCC84F\CAST.CONFIG, En cuarentena, 3711, 357599, 1.0.21876, , ame, 
Adware.Tuto4PC.Generic, C:\Program Files\B9QFRCC84F\B9QFRCC84.exe.config, En cuarentena, 3711, 357599, , , , 
Adware.Tuto4PC.Generic, C:\Program Files\B9QFRCC84F\uninstaller.exe.config, En cuarentena, 3711, 357599, , , , 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 15030, 444922, 1.0.21876, , ame, 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\WADTNRSGQ9\CAST.CONFIG, En cuarentena, 3711, 357599, 1.0.21876, , ame, 
Adware.Tuto4PC.Generic, C:\Program Files\WADTNRSGQ9\uninstaller.exe.config, En cuarentena, 3711, 357599, , , , 
Adware.Tuto4PC.Generic, C:\Program Files\WADTNRSGQ9\WADTNRSGQ.exe.config, En cuarentena, 3711, 357599, , , , 
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\AGOIKELG\TRZ8B35.TMP, En cuarentena, 2943, 806968, 1.0.21876, 278843FD3B452E75DF1F033E, dds, 00661045
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\GOQILEKD\TRZ835F.TMP, En cuarentena, 2943, 806968, 1.0.21876, 278843FD3B452E75DF1F033E, dds, 00661045
Trojan.VBCrypt, C:\USERS\PICHULODANCE\DESKTOP\Game\Left 2 Dead.lnk, Sin acciones por parte del usuario, 4387, 707843, , , , 
Trojan.VBCrypt, C:\GAMES\LEFT 2 DEAD\LEFT 2 DEAD\LEFT4DEAD2.EXE, Sin acciones por parte del usuario, 4387, 707843, 1.0.21876, 0A74C2711727500D51C85660, dds, 00661045
Trojan.VBCrypt, C:\USERS\PICHULODANCE\DESKTOP\Game\River Raider II.lnk, En cuarentena, 4387, 707843, , , , 
Trojan.VBCrypt, C:\GAMES\RIVER RAIDER II\RIVER RAIDER II.EXE, En cuarentena, 4387, 707843, 1.0.21876, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

I apologize for pasting the reports now without being asked for them, but it is to save time in case I have to use another tool. Thanks.

Hello @Spyrobot_2079

That little program really did infect you nicely… :rage:

Do the following:

1.- Temporarily disable your antivirus and any other security program.

2.- Download the following tools to your desktop:

3.- Run them in order:

Malwarebytes Anti-Rootkits

  • Install it and update it.
  • Run a Full Scan according to its Manual.
  • When it finishes, remove everything it detects.
  • Restart the computer.

FRST.exe.

  • Run it.
  • In the Disclaimer window that opens, click Yes.
  • In the main window, click the Scan/Analizar button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

Guide: How to Run FRST

4.- In your next reply, paste the generated reports.

Guide: How to Paste Reports in the Forum?

Regards

Hello Sanmas, thanks for your help.

Here are the reports:

> ---------------------------------------
> Malwarebytes Anti-Rootkit BETA 1.10.3.1001
> 
> (c) Malwarebytes Corporation 2011-2012
> 
> OS version: 6.1.7601 Windows 7 Service Pack 1 x64
> 
> Account is Administrative
> 
> Internet Explorer version: 11.0.9600.19596
> 
> File system is: NTFS
> Disk drives: C:\ DRIVE_FIXED
> CPU speed: 2.128000 GHz
> Memory total: 3075014656, free: 1826643968
> 
> ---------------------------------------
> Malwarebytes Anti-Rootkit BETA 1.10.3.1001
> 
> (c) Malwarebytes Corporation 2011-2012
> 
> OS version: 6.1.7601 Windows 7 Service Pack 1 x64
> 
> Account is Administrative
> 
> Internet Explorer version: 11.0.9600.19596
> 
> File system is: NTFS
> Disk drives: C:\ DRIVE_FIXED
> CPU speed: 2.128000 GHz
> Memory total: 3075014656, free: 1803415552
> 
> =======================================
> Initializing...
> Driver version: 4.3.0.15
> ------------ Kernel report ------------
>      04/04/2020 20:35:45
> ------------ Loaded modules -----------
> ----------- End -----------
> Done!
> 
> Scan started
> Database versions:
>   main:    v2017.10.25.11
>   rootkit: v2017.10.14.01
> 
> <<<2>>>
> Physical Sector Size: 512
> Drive: 0, DevicePointer: 0xfffffa80032c9370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
> --------- Disk Stack ------
> DevicePointer: 0xfffffa80032ca040, DeviceName: Unknown, DriverName: \Driver\partmgr\
> DevicePointer: 0xfffffa80032c9370, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
> DevicePointer: 0xfffffa8003149060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
> ------------ End ----------
> Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
> Upper DeviceData: 0x0, 0x0, 0x0
> Lower DeviceData: 0x0, 0x0, 0x0
> <<<3>>>
> Volume: C:
> File system type: NTFS
> SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
> <<<2>>>
> <<<3>>>
> Volume: C:
> File system type: NTFS
> SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
> Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
> Done!
> Drive 0
> This is a System drive
> Scanning MBR on drive 0...
> Inspecting partition table:
> MBR Signature: 55AA
> Disk Signature: C4E138D
> 
> Partition information:
> 
>     Partition 0 type is Primary (0x7)
>     Partition is ACTIVE.
>     Partition starts at LBA: 206848  Numsec = 976562176
>     Partition is bootable
>     Partition file system is NTFS
> 
>     Partition 1 type is Empty (0x0)
>     Partition is NOT ACTIVE.
>     Partition starts at LBA: 0  Numsec = 0
>     Partition is not bootable
> 
>     Partition 2 type is Empty (0x0)
>     Partition is NOT ACTIVE.
>     Partition starts at LBA: 0  Numsec = 0
>     Partition is not bootable
> 
>     Partition 3 type is Empty (0x0)
>     Partition is NOT ACTIVE.
>     Partition starts at LBA: 0  Numsec = 0
>     Partition is not bootable
> 
> Disk Size: 500107862016 bytes
> Sector size: 512 bytes
> 
> Done!
> Infected: HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999} --> [Trojan.Agent]
> Scan finished
> Creating System Restore point...
> Cleaning up...
> Removal successful. No system shutdown is required.
> =======================================
> 
> 
> =======================================
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-03-2020
Ejecutado por Pichulodance (administrador) sobre PICHULODANCE-PC (SAMSUNG ELECTRONICS CO., LTD. RV411/RV511/E3511/S3511/RV711/E3411) (04-04-2020 22:10:02)
Ejecutado desde C:\Users\Pichulodance\Desktop
Perfiles cargados: Pichulodance (Perfiles disponibles: Pichulodance)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(MAGIX AG) [Archivo no firmado] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156256 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\explorer.exe,Explorer.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{67187239-0780-4d9b-895B-7F0968AA474E}] -> C:\Program Files (x86)\CyberLink\YouCam7\CLCredProv\x64\CLCredProv.dll [2015-06-14] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{67187239-0780-4d9b-895B-7F0968AA474E}] -> C:\Program Files (x86)\CyberLink\YouCam7\CLCredProv\x64\CLCredProv.dll [2015-06-14] (CyberLink Corp. -> CyberLink)
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0AE6A774-7886-433A-9EA7-4D2E801716A4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {131D8B7C-DE01-4BAB-9E57-C30342308812} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A77E681-835B-446D-9B22-4677102F3D4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1FB7BDA7-3E3D-4ED4-A648-F6B86824A020} - System32\Tasks\{708907DB-FDD0-4976-82CC-C9B7C1706E50} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\setup.exe -d C:\Users\Pichulodance\Desktop
Task: {26A7A62D-7625-48CE-94DD-75606C6C5511} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3373072 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {36DC7E05-54DE-4ACB-9871-78259BCEE0E8} - System32\Tasks\{2B726D0B-0C65-4319-8E6D-F64506AE7BD5} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\QCA_WLAN_Driver_1.0.0.1\setup.exe -d C:\Users\Pichulodance\Desktop\QCA_WLAN_Driver_1.0.0.1
Task: {3CAE88D2-5E11-421D-BA06-8160FDCD35FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3DF2BB07-0FFE-4E53-8181-9F2C29B547B6} - System32\Tasks\{39E0EA4D-1828-4E46-9E27-DFBFD609F22B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Pichulodance\Desktop\PE.4.0.AmasDiez\PesEdit 4.0 A+10\Installer.exe" -d "C:\Users\Pichulodance\Desktop\PE.4.0.AmasDiez\PesEdit 4.0 A+10"
Task: {3F28275D-2B5E-46B5-8600-C110853C75B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-13] (Adobe Inc. -> Adobe)
Task: {4C9D0EBF-3031-41E1-AC35-3D2C4856F143} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4F1E03CF-B4DA-4F5C-A2ED-2DD67DE23903} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5869C11C-D15C-44BD-AE94-374FF23B940C} - \GoogleUpdateTaskMachineUA -> Ningún archivo <==== ATENCIÓN
Task: {62E17E23-7D60-45A7-8CBB-FECCB77EA4D3} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775336 2010-08-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado]
Task: {6E688DA2-EE1A-4592-961A-9620C9A82C10} - System32\Tasks\{D95541D8-E700-4335-9841-210400F3D8E8} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.0.8\setup.exe -d C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.0.8
Task: {7413A47C-B82D-455E-9BC6-FDC408879F59} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {80EAC3CA-CFFC-4957-A3D8-769A9F758261} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {92B673DB-7812-47DD-9336-0F897FBD36C3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-13] (Adobe Inc. -> Adobe)
Task: {C2383190-E547-4F2A-9910-AEC0764E0830} - System32\Tasks\{505C5617-0BEB-434D-9810-9B5BAEC6120F} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.1.5\setup.exe -d C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.1.5
Task: {C8D03BE0-DF9E-4520-A690-B97F740B8BD0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1723392 2019-08-12] () [Archivo no firmado]
Task: {D4877469-33FA-4414-860A-FAF5FA23D1B6} - \GoogleUpdateTaskMachineCore -> Ningún archivo <==== ATENCIÓN
Task: {D77FAF9F-74DF-415B-B625-439C68DC5C38} - System32\Tasks\{28036A89-59E8-45E1-92B7-616DF495794C} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Intel_Wireless_Display.exe -d C:\Users\Pichulodance\Desktop
Task: {E8A61068-60A8-4AF5-9775-C990638C40E0} - \KMSAutoNet -> Ningún archivo <==== ATENCIÓN

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2011-04-06] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2011-04-06] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{AD97FEE6-5968-4697-A7E1-5B852BCF8362}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F6FCD06C-229D-4B2D-AA25-66D8FA4C1033}: [DhcpNameServer] 186.130.128.250 186.130.129.250

Internet Explorer:
==================
SearchScopes: HKLM-x32 -> DefaultScope no se encuentra el valor
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Ningún archivo
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Ningún archivo
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 9tpd2wso.default
FF ProfilePath: C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\9tpd2wso.default [2020-03-25]
FF ProfilePath: C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release [2020-04-04]
FF DownloadDir: C:\Users\Pichulodance\Desktop
FF Notifications: Mozilla\Firefox\Profiles\h24kkzzg.default-release -> hxxps://www.facebook.com; hxxps://www3a.sherwoodsutton.pro
FF Extension: (AdGuard AdBlocker) - C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release\Extensions\[email protected] [2020-03-28]
FF Extension: (AVG Online Security) - C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release\Extensions\[email protected] [2020-04-02]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release\Extensions\[email protected] [2020-03-02]
FF Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release\Extensions\[email protected] [2020-03-02]
FF Extension: (момина сълза) - C:\Users\Pichulodance\AppData\Roaming\Mozilla\Firefox\Profiles\h24kkzzg.default-release\Extensions\{ef25de4a-293f-411f-88ca-e9328e7dc670}.xpi [2020-03-24]
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-06-07] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [Ningún archivo]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default [2020-04-03]
CHR DownloadDir: C:\Users\Pichulodance\Desktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-14]
CHR Extension: (Documentos) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-14]
CHR Extension: (Google Drive) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-14]
CHR Extension: (AdGuard AdBlocker) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2020-03-26]
CHR Extension: (YouTube) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-14]
CHR Extension: (Hojas de cálculo) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-14]
CHR Extension: (Pinterest) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdahlimgohfikaoinpdclkpciabakhf [2020-01-31]
CHR Extension: (Conversor de vídeo) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2019-08-14]
CHR Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2020-04-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-13]
CHR Extension: (Gmail) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\Pichulodance\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-01]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [345960 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1005744 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5552064 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Archivo no firmado]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Archivo no firmado]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-03] (Malwarebytes Inc -> Malwarebytes)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG -> Nero AG)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3305208 2019-07-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 45580760; C:\Windows\System32\drivers\45580760.sys [255928 2020-04-04] (Malwarebytes Corporation -> Malwarebytes)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Co., Ltd. -> AnvSoft Inc.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [206672 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [234840 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [179032 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [61272 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43568 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [175984 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [492712 2020-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2020-04-02] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [110064 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [85664 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [852392 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [460184 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [235768 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317864 2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 CLMirrorDriver; C:\Windows\System32\DRIVERS\CLMirrorDriver.sys [21264 2015-05-20] (CyberLink Corp. -> CyberLink)
R3 clwvd7; C:\Windows\System32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corp. -> CyberLink Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] ([email protected] -> EZB Systems, Inc.)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2020-01-31] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 SABI; C:\Windows\system32\Drivers\SABI.sys [13824 2010-10-07] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [432840 2020-03-01] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [545568 2020-03-01] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
U3 iswSvc; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-04 22:10 - 2020-04-04 22:13 - 000023280 _____ C:\Users\Pichulodance\Desktop\FRST.txt
2020-04-04 22:09 - 2020-04-04 22:11 - 000000000 ____D C:\FRST
2020-04-04 20:35 - 2020-04-04 21:20 - 000000000 ____D C:\Users\Pichulodance\Desktop\mbar
2020-04-04 20:35 - 2020-04-04 21:20 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-04-04 20:35 - 2020-04-04 20:35 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\45580760.sys
2020-04-04 20:35 - 2020-04-04 20:35 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-04-04 20:34 - 2020-04-04 20:34 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Pichulodance\Desktop\mbar-1.10.3.1001.exe
2020-04-04 20:34 - 2020-04-04 20:34 - 002280448 _____ (Farbar) C:\Users\Pichulodance\Desktop\FRST64.exe
2020-04-03 23:26 - 2020-04-03 23:26 - 000010044 _____ C:\Users\Pichulodance\Desktop\002.txt
2020-04-03 23:04 - 2020-04-03 23:04 - 000035484 _____ C:\Users\Pichulodance\Desktop\001.txt
2020-04-03 23:03 - 2020-04-03 23:03 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\mbam
2020-04-03 23:02 - 2020-04-03 23:02 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-03 23:02 - 2020-04-03 23:02 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-03 23:02 - 2020-04-03 23:02 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\mbamtray
2020-04-03 23:02 - 2020-04-03 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-03 23:02 - 2020-04-03 23:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-03 22:58 - 2020-04-03 22:58 - 000026772 _____ C:\Users\Pichulodance\Documents\cc_20200403_225834.reg
2020-04-03 22:58 - 2020-04-03 22:58 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-03 22:55 - 2020-04-03 22:55 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-03 22:55 - 2020-04-03 22:55 - 000002836 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-03 22:55 - 2020-04-03 22:55 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-03 22:55 - 2020-04-03 22:55 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-03 22:55 - 2020-04-03 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-03 22:55 - 2020-04-03 22:55 - 000000000 ____D C:\Program Files\CCleaner
2020-04-03 22:45 - 2020-04-03 22:47 - 000000000 ____D C:\AdwCleaner
2020-04-03 22:44 - 2020-04-03 22:44 - 001957784 _____ (Malwarebytes) C:\Users\Pichulodance\Desktop\MBSetup.exe
2020-04-03 22:42 - 2020-04-03 22:42 - 022267336 _____ (Piriform Software Ltd) C:\Users\Pichulodance\Desktop\ccsetup565.exe
2020-04-03 22:42 - 2020-04-03 22:42 - 008196784 _____ (Malwarebytes) C:\Users\Pichulodance\Desktop\adwcleaner_8.0.4.exe
2020-04-03 22:06 - 2020-04-03 22:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-03 14:51 - 2020-04-03 14:51 - 000000000 ____D C:\Users\Pichulodance\Documents\DVD_0
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\xhi5cpil4hq
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\it1pjpqahfo
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Program Files\70OE1LMH5V
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Program Files\1XTJU8W8U9
2020-04-03 03:38 - 2020-04-03 19:49 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lady Beast - The Vulture's Amulet (2020) (Lossless)
2020-04-03 03:38 - 2020-04-03 03:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Synthesys - Distant Dream (2020)
2020-04-03 03:37 - 2020-04-03 19:54 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dark Passage - The Legacy of Blood (2020)
2020-04-03 03:37 - 2020-04-03 19:49 - 000000000 ____D C:\Users\Pichulodance\Downloads\Palace - Reject the System (2020)
2020-04-03 03:37 - 2020-04-03 19:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Hevius - Millénaire (2020)
2020-04-03 03:37 - 2020-04-03 19:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\High Road Easy - High Road Easy (2020)
2020-04-03 03:37 - 2020-04-03 03:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\Axel Rudi Pell - Wings Of The Storm (Single)(2020)
2020-04-03 01:26 - 2020-04-03 01:26 - 000002441 _____ C:\Users\Pichulodance\AppData\Local\recently-used.xbel
2020-04-03 01:23 - 2020-04-03 01:27 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\babl-0.1
2020-04-03 01:23 - 2020-04-03 01:23 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\gegl-0.4
2020-04-03 01:22 - 2020-04-03 01:22 - 000035840 ____H C:\Users\Pichulodance\Desktop\photothumb.db
2020-04-03 01:17 - 2020-04-03 20:12 - 1454799444 ____R C:\Users\Pichulodance\Downloads\The.Decline.2020.lati.mp4
2020-04-03 00:41 - 2020-04-03 00:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\MoonSun
2020-04-03 00:41 - 2020-04-03 00:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Wake of Sirens
2020-04-03 00:41 - 2020-04-03 00:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Rainbow - The Platinum Collection 3CD (2019)
2020-04-03 00:41 - 2020-04-03 00:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dynazty - The Dark Delight (2020)
2020-04-03 00:41 - 2020-04-03 00:42 - 000000000 ____D C:\Users\Pichulodance\Downloads\Nighttrain - Hell Central
2020-04-03 00:41 - 2020-04-03 00:41 - 000000000 ____D C:\Users\Pichulodance\Downloads\Conception - State of Deception (2020)
2020-04-02 23:39 - 2020-04-04 12:40 - 000156616 _____ C:\Users\Pichulodance\AppData\Local\GDIPFONTCACHEV1.DAT
2020-04-02 22:15 - 2020-04-03 03:08 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\GlarySoft
2020-04-02 22:11 - 2020-04-02 22:11 - 000000224 _____ C:\Users\Pichulodance\Desktop\Prime Video.URL
2020-04-02 21:44 - 2020-04-02 21:44 - 000001986 _____ C:\Users\Pichulodance\Documents\AVG Internet Security.lnk
2020-04-02 21:44 - 2020-04-02 21:44 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\AVG
2020-04-02 21:44 - 2020-04-02 21:44 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\Avg
2020-04-02 21:44 - 2020-04-02 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2020-04-02 21:43 - 2020-04-02 21:43 - 000000000 ___HD C:\$AV_AVG
2020-04-02 21:35 - 2020-04-02 21:17 - 000337592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2020-04-02 21:20 - 2020-04-02 21:20 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-04-02 21:18 - 2020-04-03 02:57 - 000004162 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-04-02 21:17 - 2020-04-03 17:36 - 000492712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000852392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000460184 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000317864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000235768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000206672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000175984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000110064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000085664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000043568 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetNd6.sys
2020-04-02 21:17 - 2020-04-02 21:17 - 000000000 ____D C:\Program Files\Common Files\AVG
2020-04-02 21:17 - 2020-04-02 21:16 - 000234840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2020-04-02 21:17 - 2020-04-02 21:16 - 000179032 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2020-04-02 21:17 - 2020-04-02 21:16 - 000061272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2020-04-02 21:16 - 2020-04-02 21:42 - 000000000 ____D C:\Windows\pss
2020-04-02 21:15 - 2020-04-03 15:39 - 000000000 ____D C:\Program Files (x86)\AGOIkelg
2020-04-02 21:15 - 2020-04-02 21:15 - 000000000 ____D C:\Program Files\AVG
2020-04-02 21:14 - 2020-04-02 21:17 - 000000000 ____D C:\ProgramData\AVG
2020-04-02 21:13 - 2020-04-02 21:13 - 000000024 _____ C:\Users\Pichulodance\Documents\S-XT.txt
2020-04-02 21:09 - 2020-04-03 15:34 - 000000000 ____D C:\Program Files (x86)\GOQILEkd
2020-04-02 20:39 - 2020-04-02 22:05 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\Apps\2.0
2020-04-02 19:53 - 2020-04-04 20:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-02 12:51 - 2020-04-02 12:51 - 000001115 _____ C:\Users\Vanhelsing\_readme.txt
2020-04-02 12:51 - 2020-04-02 12:51 - 000001115 _____ C:\Users\Pichulodance\_readme.txt
2020-04-02 12:51 - 2020-04-02 12:51 - 000001115 _____ C:\Users\Invitado\_readme.txt
2020-04-02 12:51 - 2020-04-02 12:51 - 000001115 _____ C:\Users\Administrador\_readme.txt
2020-04-02 12:51 - 2020-04-02 12:51 - 000001115 _____ C:\_readme.txt
2020-04-02 12:49 - 2020-04-02 12:50 - 000000000 ____D C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ
2020-04-02 12:49 - 2020-04-02 12:49 - 000000000 ____D C:\SystemID
2020-04-02 02:44 - 2020-04-02 21:43 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\TimerUtc
2020-04-02 02:27 - 2020-04-02 02:27 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Thinstall
2020-04-02 02:07 - 2020-04-03 01:26 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\gtk-2.0
2020-04-02 02:06 - 2020-04-02 02:06 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\GIMP
2020-04-02 02:06 - 2020-04-02 02:06 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\GIMP
2020-04-02 02:05 - 2020-04-02 02:05 - 000000901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.18.lnk
2020-04-02 01:33 - 2020-04-02 12:52 - 000000000 ____D C:\Users\Pichulodance\.gimp-2.8
2020-04-02 01:32 - 2020-04-02 02:07 - 000000000 ____D C:\Program Files\GIMP 2
2020-04-01 23:15 - 2020-04-02 00:07 - 000000000 ____D C:\Users\Pichulodance\Downloads\Argion - Tiempo de Héroes (2020)
2020-04-01 23:02 - 2020-04-01 23:24 - 000000000 ____D C:\Users\Pichulodance\Downloads\Fury - The Grand Prize (2020)
2020-04-01 22:57 - 2020-04-02 01:19 - 000000000 ____D C:\Users\Pichulodance\Downloads\Testament - Titans of Creation (2020) [FLAC]
2020-04-01 22:57 - 2020-04-01 23:17 - 000000000 ____D C:\Users\Pichulodance\Downloads\Consequence - Collapsed Home (2020) [320]
2020-04-01 02:36 - 2020-04-01 02:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Scarlet Aura - Stormbreaker
2020-04-01 02:36 - 2020-04-01 02:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\Powerwolf - Werewolves of Armenia (Rerecorded Version)(2020)
2020-04-01 02:36 - 2020-04-01 02:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lutharo - Wings Of Agony (EP) (2020)
2020-04-01 02:36 - 2020-04-01 02:36 - 000000000 ____D C:\Users\Pichulodance\Downloads\Nightwish - Hvman.  Natvre. (2CD) (2020) (Lossless)
2020-04-01 00:45 - 2020-04-03 02:57 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-03-31 23:50 - 2020-03-31 23:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dynazty - Discography (2009-2020)
2020-03-31 23:50 - 2020-03-31 23:50 - 000000000 ____D C:\Users\Pichulodance\Downloads\Nightwish -  Human. II Nature 2020
2020-03-31 23:50 - 2020-03-31 23:50 - 000000000 ____D C:\Users\Pichulodance\Downloads\Kreator - 666 - World Divided (Single)(2020)
2020-03-30 23:21 - 2020-03-30 23:21 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Left 4 Dead
2020-03-30 22:55 - 2020-03-30 23:29 - 000000000 ____D C:\Program Files (x86)\Left 4 Dead
2020-03-30 22:55 - 2020-03-30 22:55 - 000000000 ____D C:\Windows\Left 4 Dead
2020-03-30 19:28 - 2020-03-30 19:28 - 000000000 ____D C:\Program Files (x86)\KONAMI
2020-03-30 02:38 - 2020-03-30 02:39 - 000000000 ____D C:\Users\Pichulodance\Downloads\Waking Dream
2020-03-30 02:38 - 2020-03-30 02:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Samson - Shock Tactics (2017)
2020-03-30 02:22 - 2020-03-30 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2011 Patch
2020-03-30 01:41 - 2020-04-03 02:57 - 000003314 _____ C:\Windows\system32\Tasks\{39E0EA4D-1828-4E46-9E27-DFBFD609F22B}
2020-03-29 03:09 - 2020-03-29 10:59 - 000000000 ____D C:\Users\Pichulodance\Downloads\Kiss - Essentials (Compilation) (2019)
2020-03-27 22:54 - 2020-03-27 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2020-03-27 22:43 - 2020-03-27 22:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Studios
2020-03-27 22:39 - 2020-03-27 23:26 - 000001265 _____ C:\Windows\disney.ini
2020-03-27 22:39 - 2020-03-27 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive
2020-03-27 22:39 - 2020-03-27 22:39 - 000000000 ____D C:\Program Files\Disney Interactive
2020-03-27 22:39 - 1998-01-23 12:21 - 000305152 _____ (InstallShield Software Corporation, Inc.) C:\Windows\IsUn040a.exe
2020-03-27 22:05 - 2020-03-27 22:08 - 000000000 ____D C:\Users\Pichulodance\Downloads\FM - Vintage And Rare (2006)
2020-03-27 22:04 - 2020-03-27 22:09 - 000000000 ____D C:\Users\Pichulodance\Downloads\Temple of Void - The World That Was (2020) [320]
2020-03-27 00:39 - 2020-03-27 00:39 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\capcom
2020-03-26 20:17 - 2020-03-26 20:17 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCom
2020-03-26 20:11 - 2020-03-26 20:11 - 000000000 ____D C:\Program Files (x86)\CapCom
2020-03-26 03:05 - 2020-03-26 03:29 - 000000000 ____D C:\Users\Pichulodance\Downloads\The Dead Daisies - Live and Louder
2020-03-26 03:05 - 2020-03-26 03:10 - 000000000 ____D C:\Users\Pichulodance\Downloads\The Dead Daisies - Make Some Noise
2020-03-26 03:05 - 2020-03-26 03:10 - 000000000 ____D C:\Users\Pichulodance\Downloads\Malice - The Atlantic Albums (2020)
2020-03-26 03:05 - 2020-03-26 03:07 - 000000000 ____D C:\Users\Pichulodance\Downloads\The Dead Daisies - Locked and Loaded (The Covers Album) (2019)
2020-03-26 03:05 - 2020-03-26 03:07 - 000000000 ____D C:\Users\Pichulodance\Downloads\The Dead Daisies - Burn It Down (2018)
2020-03-26 03:05 - 2020-03-26 03:05 - 000000000 ____D C:\Users\Pichulodance\Downloads\Deep Purple - Throw My Bones (2020) (Single)
2020-03-25 22:40 - 2020-03-30 03:01 - 000000000 ____D C:\Users\Pichulodance\Documents\JDownloader 2
2020-03-25 22:34 - 2020-03-25 22:34 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2020-03-25 22:31 - 2020-03-29 21:27 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\JDownloader 2.0
2020-03-25 00:21 - 2020-03-25 00:21 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\streamripper
2020-03-24 23:23 - 2020-03-24 23:23 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\UnrealEngine
2020-03-24 22:51 - 2020-03-24 22:51 - 000000000 ____D C:\Users\Public\Documents\CyberLink
2020-03-24 22:51 - 2020-03-24 22:51 - 000000000 ____D C:\ProgramData\Documents\CyberLink
2020-03-24 00:49 - 2020-04-04 12:41 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\dvdcss
2020-03-24 00:44 - 2020-03-24 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-03-24 00:42 - 2020-03-24 00:42 - 000000000 ____D C:\Program Files\VideoLAN
2020-03-24 00:06 - 2020-03-24 00:10 - 000000000 ____D C:\Users\Pichulodance\AppData\LocalLow\inXile entertainment
2020-03-23 00:32 - 2020-04-02 02:28 - 000000000 ____D C:\games
2020-03-21 23:59 - 2020-04-03 23:11 - 000000000 ____D C:\Users\Pichulodance\AppData\LocalLow\IGDump
2020-03-21 23:50 - 2020-03-21 23:50 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\cache
2020-03-21 23:29 - 2020-03-22 02:11 - 000000000 ____D C:\Users\Pichulodance\Downloads\Winger - The Atlantic Albums (Compilation 2020)
2020-03-21 23:29 - 2020-03-21 23:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\Pearl Jam - 2020 - Gigaton
2020-03-21 23:29 - 2020-03-21 23:30 - 000000000 ____D C:\Users\Pichulodance\Downloads\SteelCity - Mach II (2020)
2020-03-21 23:29 - 2020-03-21 23:29 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ayreon - Electric Castle Live And Other Tales (2CD)(Live)
2020-03-21 23:20 - 2020-03-21 23:20 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Publish Providers
2020-03-20 23:50 - 2020-03-20 23:50 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2020-03-20 23:49 - 2020-03-20 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2020-03-20 23:49 - 2020-03-20 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2020-03-20 23:49 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\ImgBurn
2020-03-20 23:49 - 2020-03-20 23:49 - 000000000 ____D C:\Program Files (x86)\Haali
2020-03-20 23:48 - 2020-04-02 21:04 - 000000000 ____D C:\ProgramData\Sony
2020-03-20 23:48 - 2020-03-21 23:14 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\Sony
2020-03-20 23:48 - 2020-03-20 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVStoDVD
2020-03-20 23:48 - 2020-03-20 23:50 - 000000000 ____D C:\Program Files (x86)\AVStoDVD
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVStoDVD
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\Program Files\Sony
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\Program Files (x86)\Sony
2020-03-20 23:48 - 2020-03-20 23:48 - 000000000 ____D C:\Program Files (x86)\AviSynth 2.5
2020-03-20 11:33 - 2020-03-20 11:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Halford - Thunder And Lightning
2020-03-20 11:33 - 2020-03-20 11:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Halford - Singles Comes Out Of Black (2011)
2020-03-20 11:32 - 2020-03-20 11:34 - 000000000 ____D C:\Users\Pichulodance\Downloads\Heaven Shall Burn - Of Truth & Sacrifice (2CD)
2020-03-20 11:32 - 2020-03-20 11:33 - 000000000 ____D C:\Users\Pichulodance\Downloads\Halford - Greatest Hits
2020-03-19 12:27 - 2020-03-19 12:32 - 000000000 ____D C:\Users\Pichulodance\Downloads\Burn - Meltdown (Compilation)(2020)
2020-03-17 23:06 - 2020-03-17 23:06 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\4kdownload.com
2020-03-16 23:36 - 2020-03-16 23:36 - 000054310 _____ C:\Windows\system32\NOTICE_mod
2020-03-15 00:50 - 2020-03-15 00:50 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Milestone
2020-03-15 00:50 - 2020-03-15 00:50 - 000000000 ____D C:\ProgramData\Steam
2020-03-15 00:47 - 2020-03-15 00:47 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\2XL
2020-03-15 00:30 - 2020-03-15 00:30 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-03-15 00:30 - 2020-03-15 00:30 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2020-03-15 00:30 - 2020-03-15 00:30 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2020-03-15 00:30 - 2020-03-15 00:30 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2020-03-15 00:30 - 2020-03-15 00:30 - 000000000 ____D C:\Program Files (x86)\OpenAL
2020-03-15 00:26 - 2020-03-15 00:26 - 000000000 ____D C:\Program Files (x86)\2XL Games
2020-03-14 22:41 - 2020-03-14 22:43 - 000000000 ____D C:\Users\Pichulodance\Downloads\Black Hawk - Destination Hell (2020)
2020-03-14 22:41 - 2020-03-14 22:42 - 000000000 ____D C:\Users\Pichulodance\Downloads\Imperial Child - Compass of Evil (2020)
2020-03-12 22:31 - 2020-03-13 07:23 - 000000000 ____D C:\Users\Pichulodance\Downloads\Jerry Cantrell (Alice in Chains)
2020-03-12 22:18 - 2020-03-13 07:39 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Maiden -  The Studio Collection - Remastered 2015
2020-03-12 22:18 - 2020-03-12 22:28 - 000000000 ____D C:\Users\Pichulodance\Downloads\Wolf - Feeding the Machine (2020)
2020-03-12 22:18 - 2020-03-12 22:23 - 000000000 ____D C:\Users\Pichulodance\Downloads\Testament - Titans of Creation (2020)
2020-03-12 22:18 - 2020-03-12 22:23 - 000000000 ____D C:\Users\Pichulodance\Downloads\Gotthard - #13 (Limited Edition) (2020)
2020-03-12 22:18 - 2020-03-12 22:22 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ambush - Infidel (2020)
2020-03-12 22:18 - 2020-03-12 22:21 - 000000000 ____D C:\Users\Pichulodance\Downloads\Elixir
2020-03-12 22:18 - 2020-03-12 22:20 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ozzy Osbourne - Ordinary Man (Deluxe Edition) 2020
2020-03-12 22:18 - 2020-03-12 22:19 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dexter Ward - III (2020)
2020-03-12 22:18 - 2020-03-12 22:19 - 000000000 ____D C:\Users\Pichulodance\Downloads\Bone Church
2020-03-12 22:15 - 2020-04-03 23:19 - 000000000 ___RD C:\Users\Pichulodance\Desktop\Game
2020-03-12 21:56 - 2020-03-12 21:56 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2020-03-12 00:09 - 2020-03-12 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.0
2020-03-12 00:09 - 2020-03-12 00:09 - 000000000 ____D C:\Program Files (x86)\Project64 2.1
2020-03-11 23:30 - 2020-04-02 21:02 - 000000000 ____D C:\Juegos Portables
2020-03-08 23:44 - 2020-03-25 02:07 - 000000000 ____D C:\Users\Pichulodance\Documents\My Games
2020-03-08 23:44 - 2020-03-08 23:44 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\SKIDROW
2020-03-08 23:26 - 2020-03-08 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Choplifter HD
2020-03-08 23:20 - 2020-03-08 23:45 - 000000000 ____D C:\Program Files (x86)\Choplifter HD
2020-03-06 18:07 - 2020-03-06 20:24 - 000000000 ____D C:\Users\Pichulodance\Downloads\AS I LAY DYING (USA)
2020-03-06 18:07 - 2020-03-06 18:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Alestorm (Discography)(FLAC)
2020-03-06 18:07 - 2020-03-06 18:32 - 000000000 ____D C:\Users\Pichulodance\Downloads\Shadowkiller - Дискография (2013-2020)
2020-03-06 18:07 - 2020-03-06 18:12 - 000000000 ____D C:\Users\Pichulodance\Downloads\As I Lay Dying - Shaped by Fire (2019)
2020-03-05 23:41 - 2020-03-05 23:46 - 000000000 ____D C:\Users\Pichulodance\Downloads\Allen Olzon - Worlds Apart (2020)
2020-03-05 23:41 - 2020-03-05 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ross the Boss - Born of Fire (2020)
2020-03-05 23:40 - 2020-04-02 12:54 - 000000000 ____D C:\Users\Pichulodance\Downloads\Khymera - Master Of Illusions (2020)
2020-03-05 23:40 - 2020-03-05 23:42 - 000000000 ____D C:\Users\Pichulodance\Downloads\Brave
2020-03-05 10:11 - 2020-03-05 10:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Whitesnake - Flesh & Blood (2019)
2020-03-05 10:09 - 2020-03-05 13:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Rata Blanca - Tormenta Eléctrica 2015
2020-03-05 10:09 - 2020-03-05 10:20 - 000000000 ____D C:\Users\Pichulodance\Downloads\[1989-02-03] - Erwin Events Center, Austin, Texas
2020-03-05 10:08 - 2020-03-05 10:20 - 000000000 ____D C:\Users\Pichulodance\Downloads\Whitesnake - The Purple Tour (Live) (2018)
2020-03-05 09:57 - 2020-03-05 11:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Scorpions - 2015 - Return to Forever (Deluxe Edition)
2020-03-05 09:45 - 2020-03-05 15:15 - 000000000 ____D C:\Users\Pichulodance\Downloads\Stormwarrior
2020-03-05 09:44 - 2020-03-05 10:02 - 000000000 ____D C:\Users\Pichulodance\Downloads\Skid Row - Skid Row (30th Anniversary Deluxe Edition) (2019)
2020-03-05 09:43 - 2020-03-05 16:21 - 000000000 ____D C:\Users\Pichulodance\Downloads\Warrant - Cherry Pie (Rock Candy Remastered 2017)
2020-03-05 09:43 - 2020-03-05 15:34 - 000000000 ____D C:\Users\Pichulodance\Downloads\Whitesnake -  Unzipped (Super Deluxe Edition) (2018)
2020-03-05 09:43 - 2020-03-05 13:41 - 000000000 ____D C:\Users\Pichulodance\Downloads\Rage - Long Hard Road (2017)(Japanese Edition)
2020-03-05 09:43 - 2020-03-05 11:30 - 000000000 ____D C:\Users\Pichulodance\Downloads\Vision Divine - Best Of (2017)
2020-03-05 09:42 - 2020-03-05 12:07 - 000000000 ____D C:\Users\Pichulodance\Downloads\Sebastian Bach - American Metalhead (Compilation)
2020-03-05 09:42 - 2020-03-05 11:34 - 000000000 ____D C:\Users\Pichulodance\Downloads\Vhaldemar - Black Thunder (Compilation)
2020-03-05 09:41 - 2020-03-06 19:26 - 000000000 ____D C:\Users\Pichulodance\Downloads\Septimo Angel
2020-03-05 09:41 - 2020-03-05 19:14 - 000000000 ____D C:\Users\Pichulodance\Downloads\Voice
2020-03-05 09:41 - 2020-03-05 17:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Symphony X
2020-03-05 09:41 - 2020-03-05 15:21 - 000000000 ____D C:\Users\Pichulodance\Downloads\Racer X - The Best of (compil) (2010)
2020-03-05 09:41 - 2020-03-05 14:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Steel Prophet - Omniscient 2014
2020-03-05 09:41 - 2020-03-05 13:38 - 000000000 ____D C:\Users\Pichulodance\Downloads\Sinner - Santa Muerte (Japanese Edition) (2019)
2020-03-05 09:41 - 2020-03-05 12:08 - 000000000 ____D C:\Users\Pichulodance\Downloads\Primal Fear - Apocalypse (Japanese Edition) (2018)
2020-03-05 09:41 - 2020-03-05 12:01 - 000000000 ____D C:\Users\Pichulodance\Downloads\Stratovarius - Enigma Intermission 2 (2018)
2020-03-05 09:41 - 2020-03-05 11:39 - 000000000 ____D C:\Users\Pichulodance\Downloads\Whitesnake - Slide It In (The Ultimate Special Edition) (6CD) (2019)
2020-03-05 09:41 - 2020-03-05 10:49 - 000000000 ____D C:\Users\Pichulodance\Downloads\The Cult - 2019 - Sonic Temple 30th Anniversary Edition
2020-03-05 09:41 - 2020-03-05 10:34 - 000000000 ____D C:\Users\Pichulodance\Downloads\Virgin Steele - Ghost Harvest - Vintage II - Red Wine For Warning (2018)
2020-03-05 09:41 - 2020-03-05 10:27 - 000000000 ____D C:\Users\Pichulodance\Downloads\Warcry - Donde el Silencio Se Rompió... (2017)
2020-03-05 09:40 - 2020-03-05 20:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Saxon - Solid Book of Rock (Deluxe Earbook) (11CD)
2020-03-05 09:40 - 2020-03-05 14:00 - 000000000 ____D C:\Users\Pichulodance\Downloads\Zakk Wylde - Covers The Classics (2002)
2020-03-05 09:40 - 2020-03-05 11:12 - 000000000 ____D C:\Users\Pichulodance\Downloads\Whitesnake - 1987 (30th Anniversary) (Remastered 2017)
2020-03-05 09:40 - 2020-03-05 11:08 - 000000000 ____D C:\Users\Pichulodance\Downloads\Reign - Now & Forever (2014)
2020-03-05 09:40 - 2020-03-05 11:02 - 000000000 ____D C:\Users\Pichulodance\Downloads\Vision Divine - When All the Heroes Are Dead (2019)
2020-03-05 09:40 - 2020-03-05 10:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Steel Raiser - Acciaio (2019)
2020-03-05 09:40 - 2020-03-05 10:33 - 000000000 ____D C:\Users\Pichulodance\Downloads\Virgin Steele - Gothic Voodoo Anthems (Album)2018
2020-03-05 09:40 - 2020-03-05 10:11 - 000000000 ____D C:\Users\Pichulodance\Downloads\Warcry - Momentos (2017)
2020-03-05 09:40 - 2020-03-05 09:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Savatage - 2013 - The Lost Tracks
2020-03-05 00:36 - 2020-03-06 19:40 - 000000000 ____D C:\Users\Pichulodance\Downloads\Pretty Maids - A Blast From The Past (12CD Boxset) (2019)
2020-03-05 00:36 - 2020-03-05 13:36 - 000000000 ____D C:\Users\Pichulodance\Downloads\Sebastian Bach - Give 'Em Hell (Japan Edition) (2014)
2020-03-05 00:36 - 2020-03-05 12:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Kai Hansen - Hansen Worx (Japanese Edition) 1998
2020-03-05 00:35 - 2020-03-05 19:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Queen - The Platinum Collection (3CD Box) (Japanese Edition)
2020-03-05 00:35 - 2020-03-05 10:52 - 000000000 ____D C:\Users\Pichulodance\Downloads\Kamelot - The Shadow Theory (Japanese Edition, 2CD) (2018)
2020-03-05 00:13 - 2020-03-05 10:04 - 000000000 ____D C:\Users\Pichulodance\Downloads\Pretty Maids - Undress Your Madness (2019)
2020-03-05 00:12 - 2020-03-05 10:17 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lynyrd Skynyrd - Skynyrd Nation (Compilatin) 2018
2020-03-05 00:12 - 2020-03-05 09:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Fire - Dragonheart (Japanese Edition) (2017)
2020-03-05 00:11 - 2020-03-05 10:13 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Savior - Reforged - Riding On Fire (2CD) (2017)
2020-03-05 00:11 - 2020-03-05 09:40 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lost Horizon - Live At The Gates Of Metal
2020-03-05 00:10 - 2020-03-05 17:36 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ivory Tower
2020-03-05 00:10 - 2020-03-05 15:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lost Horizon
2020-03-05 00:10 - 2020-03-05 14:12 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Fire - Dawn of Creation - Twentieth Anniversary (2018)
2020-03-05 00:10 - 2020-03-05 10:18 - 000000000 ____D C:\Users\Pichulodance\Downloads\Manowar - Hail And Kill (Compilation) (2019)
2020-03-05 00:08 - 2020-03-05 18:19 - 000000000 ____D C:\Users\Pichulodance\Downloads\Crystal Eyes
2020-03-05 00:08 - 2020-03-05 09:46 - 000000000 ____D C:\Users\Pichulodance\Downloads\HammerFall - History 2017
2020-03-05 00:08 - 2020-03-05 00:37 - 000000000 ____D C:\Users\Pichulodance\Downloads\FireForce

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-04 22:07 - 2020-03-02 22:46 - 000000000 ____D C:\Users\Pichulodance\AppData\LocalLow\Mozilla
2020-04-04 21:37 - 2019-08-18 01:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-04 21:31 - 2009-07-14 01:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-04 21:31 - 2009-07-14 01:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-04 21:23 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-04 20:32 - 2019-08-25 19:43 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\uTorrent
2020-04-04 12:41 - 2019-08-18 00:59 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\vlc
2020-04-03 23:22 - 2009-07-14 01:45 - 005096976 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-03 23:20 - 2019-12-19 22:43 - 000002188 _____ C:\Users\Pichulodance\Desktop\Google Chrome.lnk
2020-04-03 23:20 - 2019-08-14 00:59 - 000001397 _____ C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-04-03 23:19 - 2019-08-14 10:38 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-03 23:03 - 2019-09-07 23:33 - 000000000 ___RD C:\Users\Pichulodance\Desktop\Programas Gral
2020-04-03 23:02 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-04-03 22:58 - 2019-08-16 22:46 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\PhotoScape
2020-04-03 22:48 - 2020-03-02 22:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-03 19:01 - 2009-07-14 02:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-04-03 15:40 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system
2020-04-03 03:17 - 2019-08-16 23:57 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\AIMP
2020-04-03 03:08 - 2019-08-16 00:19 - 000000000 ____D C:\ProgramData\KONAMI
2020-04-03 03:08 - 2009-07-14 02:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-04-03 02:57 - 2019-10-19 01:31 - 000003200 _____ C:\Windows\system32\Tasks\{28036A89-59E8-45E1-92B7-616DF495794C}
2020-04-03 02:57 - 2019-08-19 23:04 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-03 02:57 - 2019-08-19 23:04 - 000004290 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-03 02:57 - 2019-08-19 23:00 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-03 02:57 - 2019-08-19 01:14 - 000003166 _____ C:\Windows\system32\Tasks\{708907DB-FDD0-4976-82CC-C9B7C1706E50}
2020-04-03 02:57 - 2019-08-14 22:44 - 000003238 _____ C:\Windows\system32\Tasks\MovieColorEnhancer
2020-04-03 02:57 - 2019-08-14 01:47 - 000003262 _____ C:\Windows\system32\Tasks\{2B726D0B-0C65-4319-8E6D-F64506AE7BD5}
2020-04-02 22:34 - 2019-09-11 22:25 - 000000000 ____D C:\Program Files (x86)\System Ninja
2020-04-02 22:20 - 2019-09-07 23:34 - 000000000 ___RD C:\Users\Pichulodance\Desktop\Imagen
2020-04-02 22:05 - 2019-12-22 01:52 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-04-02 21:06 - 2019-08-14 00:58 - 000000000 ____D C:\Users\Pichulodance
2020-04-02 21:04 - 2020-02-25 23:04 - 000000000 ____D C:\ProgramData\Downloaded Installations
2020-04-02 21:04 - 2019-12-16 01:40 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-04-02 21:04 - 2019-12-04 23:54 - 000000000 ____D C:\Users\Pichulodance\AppData\LocalLow\Sun
2020-04-02 21:04 - 2019-09-16 00:03 - 000000000 ____D C:\ProgramData\Nero
2020-04-02 21:04 - 2019-09-05 20:16 - 000000000 ____D C:\ProgramData\Apple Computer
2020-04-02 21:04 - 2019-09-05 20:15 - 000000000 ____D C:\ProgramData\Apple
2020-04-02 21:04 - 2019-08-19 23:02 - 000000000 ____D C:\Users\Pichulodance\AppData\LocalLow\Adobe
2020-04-02 21:04 - 2019-08-18 00:40 - 000000000 ____D C:\ProgramData\Licenses
2020-04-02 21:04 - 2019-08-17 23:12 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-04-02 21:04 - 2019-08-17 23:09 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-04-02 21:04 - 2019-08-17 00:19 - 000000000 ____D C:\ProgramData\install_clap
2020-04-02 21:04 - 2019-08-17 00:19 - 000000000 ____D C:\ProgramData\CyberLink
2020-04-02 21:04 - 2019-08-17 00:15 - 000000000 ____D C:\Users\Pichulodance\Documents\Aimp Skins
2020-04-02 21:04 - 2019-08-16 22:58 - 000000000 ____D C:\ProgramData\TechSmith
2020-04-02 21:04 - 2019-08-14 01:45 - 000000000 ____D C:\ProgramData\Samsung
2020-04-02 21:04 - 2018-09-14 10:00 - 000000000 ____D C:\Pack De Iconos
2020-04-02 21:04 - 2018-07-28 02:33 - 000000000 ____D C:\Users\Pichulodance\Documents\One Night Only
2020-04-02 21:04 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2020-04-02 21:03 - 2019-08-17 00:13 - 000000000 ____D C:\ProgramData\MAGIX
2020-04-02 21:03 - 2019-08-16 01:01 - 000000000 ____D C:\ProgramData\Adobe
2020-04-02 12:54 - 2019-08-19 00:21 - 000000000 ____D C:\Users\Pichulodance\Documents\Xion
2020-04-02 12:54 - 2019-08-17 00:34 - 000000000 ____D C:\Users\Pichulodance\Documents\YouCam
2020-04-02 12:52 - 2020-02-14 00:42 - 000000997 _____ C:\Users\Pichulodance\Documents\911.CT.mado
2020-04-02 12:52 - 2020-01-18 00:04 - 000014580 _____ C:\Users\Pichulodance\Documents\Casa.docx.mado
2020-04-02 12:52 - 2019-11-23 00:19 - 000016718 ____H C:\Users\Pichulodance\Desktop\photothumb.db.mado
2020-04-02 12:52 - 2019-11-23 00:00 - 000059726 _____ C:\Users\Vanhelsing\Desktop\ComienzoRe1.mp3.mado
2020-04-02 12:52 - 2019-11-23 00:00 - 000059726 _____ C:\Users\Vanhelsing\Desktop\Comienzo.mp3.mado
2020-04-02 12:52 - 2019-09-16 00:27 - 000000376 _____ C:\Users\Pichulodance\AppData\default.pls.mado
2020-04-02 12:52 - 2019-09-05 19:49 - 000000797 _____ C:\Users\Pichulodance\Documents\001.4ks.mado
2020-04-02 12:51 - 2020-03-01 22:05 - 000000000 ____D C:\Temp
2020-04-02 12:51 - 2019-11-23 00:00 - 000000000 ____D C:\Users\Vanhelsing
2020-04-02 12:51 - 2019-08-18 00:59 - 000000000 ____D C:\Users\Invitado
2020-04-02 12:51 - 2019-08-18 00:59 - 000000000 ____D C:\Users\Administrador
2020-03-30 20:01 - 2019-12-11 00:37 - 000000000 ____D C:\Users\Pichulodance\Documents\KONAMI
2020-03-30 02:11 - 2020-03-02 22:46 - 000001105 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-03-30 02:11 - 2020-03-02 22:46 - 000001105 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-03-29 00:40 - 2019-09-07 23:33 - 000000000 ___RD C:\Users\Pichulodance\Desktop\Reproductores
2020-03-29 00:34 - 2019-08-16 23:57 - 000000000 ____D C:\Program Files (x86)\AIMP
2020-03-27 22:41 - 2019-09-05 20:06 - 000000000 ____D C:\Users\Pichulodance\Documents\My ISO Files
2020-03-27 22:30 - 2019-08-16 00:50 - 000000000 ____D C:\Users\Pichulodance\Documents\Programas Portables
2020-03-25 01:01 - 2019-09-07 23:33 - 000000000 ___RD C:\Users\Pichulodance\Desktop\Audio & Video
2020-03-25 01:00 - 2019-12-16 22:26 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-03-25 01:00 - 2019-08-16 22:38 - 000000000 ____D C:\ProgramData\TEMP
2020-03-24 22:48 - 2019-08-17 00:20 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-24 22:45 - 2019-08-18 01:20 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-03-24 22:45 - 2019-08-18 01:20 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-03-24 17:28 - 2019-08-16 00:19 - 000000000 ____D C:\Users\Pichulodance\Documents\CPY_SAVES
2020-03-24 00:25 - 2019-08-14 23:39 - 000000000 ____D C:\Windows\Minidump
2020-03-22 23:52 - 2020-02-08 23:26 - 000000000 ____D C:\Program Files\Cheat Engine 7.0
2020-03-22 01:51 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-03-21 23:20 - 2019-08-17 00:45 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Sony
2020-03-20 23:51 - 2019-08-17 00:47 - 000013868 _____ C:\Windows\system32\--traceoff
2020-03-18 23:31 - 2019-12-21 23:38 - 000000000 ____D C:\ProgramData\CheckPoint
2020-03-18 00:55 - 2019-08-19 22:59 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-17 22:49 - 2019-09-01 22:43 - 000000000 ____D C:\Program Files\Common Files\AV
2020-03-13 23:20 - 2020-02-27 00:51 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\TechSmith
2020-03-13 22:52 - 2019-08-18 01:27 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\Adobe
2020-03-13 22:50 - 2019-08-19 23:04 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-03-13 22:50 - 2019-08-19 23:04 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-03-13 22:50 - 2019-08-19 23:04 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-13 22:41 - 2019-12-08 02:02 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-13 00:54 - 2019-08-16 01:00 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\Audacity
2020-03-12 22:41 - 2019-08-19 00:57 - 000003280 _____ C:\Windows\system32\Tasks\{D95541D8-E700-4335-9841-210400F3D8E8}
2020-03-12 22:41 - 2019-08-14 23:46 - 000003280 _____ C:\Windows\system32\Tasks\{505C5617-0BEB-434D-9810-9B5BAEC6120F}
2020-03-12 00:36 - 2019-08-16 22:38 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\AnvSoft
2020-03-12 00:35 - 2019-08-17 00:24 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2020-03-12 00:35 - 2019-08-14 01:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-12 00:34 - 2019-08-17 00:23 - 000000000 ____D C:\Program Files (x86)\CyberLink
2020-03-12 00:18 - 2019-08-16 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2020-03-06 20:30 - 2020-03-04 23:42 - 000000000 ____D C:\Users\Pichulodance\Downloads\AC-DC - Japanese Cardboard sleeve (mini LP) (Lossless)
2020-03-06 11:47 - 2019-09-14 23:12 - 000000000 ____D C:\Users\Pichulodance\AppData\Local\ElevatedDiagnostics
2020-03-05 20:08 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Angra
2020-03-05 19:54 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\At Vance
2020-03-05 19:51 - 2020-03-04 23:49 - 000000000 ____D C:\Users\Pichulodance\Downloads\Gamma Ray - Alive 95 (Anniversary Edition) (Remastered)
2020-03-05 19:41 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Celesty
2020-03-05 19:01 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Fates Warning - 2017 - Awaken The Guardian Live (2CD)
2020-03-05 18:24 - 2020-03-04 23:57 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lords Of Black
2020-03-05 17:03 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Freedom Call
2020-03-05 15:36 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Axel Rudi Pell
2020-03-05 15:25 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Ariadna Project
2020-03-05 14:55 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Avenged Sevenfold - Discography (1999 - 2016)
2020-03-05 14:13 - 2020-03-04 23:43 - 000000000 ____D C:\Users\Pichulodance\Downloads\InnerWish - InnerWish (2016)
2020-03-05 13:48 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Altaria - The Best 2015
2020-03-05 13:33 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Astral Experience - Emovere (2016)
2020-03-05 12:48 - 2020-03-04 23:53 - 000000000 ____D C:\Users\Pichulodance\Downloads\Lords Of Black - Icons Of The New Days (Japanese Edition) (2018)
2020-03-05 11:35 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Angra - OMNI (Japanese Edition) (2018)
2020-03-05 11:33 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\DragonForce - Extreme Power Metal (Japanese Edition) (2019)(Lossless)
2020-03-05 11:31 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Freedom Call - M.E.T.A.L. (2019) FLAC
2020-03-05 11:18 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dionysus
2020-03-05 11:17 - 2020-03-04 23:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Blaze Bayley - The Redemption of William Black (Infinite Entanglement Part III) (2018)
2020-03-05 11:15 - 2020-03-04 23:59 - 000000000 ____D C:\Users\Pichulodance\Downloads\Sonata Arctica - Talviyö (Japanese Edition) (2019)
2020-03-05 11:08 - 2020-03-04 23:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Judas Priest - Firepower (2018)
2020-03-05 10:47 - 2020-03-04 23:43 - 000000000 ____D C:\Users\Pichulodance\Downloads\Accept - Symphonic Terror - Live at Wacken 2017
2020-03-05 10:46 - 2020-03-04 23:43 - 000000000 ____D C:\Users\Pichulodance\Downloads\Accept - Blind Rage (2014)
2020-03-05 10:40 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Axxis - Monster Hero (2018)
2020-03-05 10:38 - 2020-03-04 23:57 - 000000000 ____D C:\Users\Pichulodance\Downloads\Rage - Wings Of Rage (2020) (Japanese Edition)
2020-03-05 10:37 - 2020-03-04 23:50 - 000000000 ____D C:\Users\Pichulodance\Downloads\HammerFall - Glory to the Brave (20 Year Anniversary Edition) (2017)
2020-03-05 10:25 - 2020-03-04 23:55 - 000000000 ____D C:\Users\Pichulodance\Downloads\Rage - Wings of Rage (2020)
2020-03-05 10:22 - 2020-03-04 23:55 - 000000000 ____D C:\Users\Pichulodance\Downloads\Pink Cream 69 - Headstrong (Japanese Edition) (2017)
2020-03-05 10:20 - 2020-03-04 23:57 - 000000000 ____D C:\Users\Pichulodance\Downloads\Revolution Saints - Rise (2020)
2020-03-05 10:17 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Airbourne - Diamond Cuts - The B-Sides (2017)
2020-03-05 10:13 - 2020-03-04 23:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Korpiklaani - Kulkija (2018)
2020-03-05 10:12 - 2020-03-04 23:43 - 000000000 ____D C:\Users\Pichulodance\Downloads\Eclipse
2020-03-05 10:10 - 2020-03-04 23:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\DragonForce - Re-Powered Within (2018)
2020-03-05 10:08 - 2020-03-04 23:54 - 000000000 ____D C:\Users\Pichulodance\Downloads\Herman Frank - Fight the Fear (2019) Mp3
2020-03-05 10:05 - 2020-03-04 23:57 - 000000000 ____D C:\Users\Pichulodance\Downloads\Scorpions - Return To Forever (Premium Edition) (2015)
2020-03-05 10:04 - 2020-03-04 23:58 - 000000000 ____D C:\Users\Pichulodance\Downloads\Queensrÿche - 2015 - Condition Hüman (Lossless)
2020-03-05 10:02 - 2020-03-04 23:53 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Savior  - Kill Or Get Killed (Japanese Edition) 2CD
2020-03-05 09:58 - 2020-03-04 23:57 - 000000000 ____D C:\Users\Pichulodance\Downloads\Primal Fear
2020-03-05 09:56 - 2020-03-04 23:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Dekapitator
2020-03-05 09:49 - 2020-03-04 23:53 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Savior - Kill or Get Killed (2019)
2020-03-05 09:48 - 2020-03-04 23:59 - 000000000 ____D C:\Users\Pichulodance\Downloads\Saxon - Demolition Alley
2020-03-05 09:48 - 2020-03-04 23:46 - 000000000 ____D C:\Users\Pichulodance\Downloads\Blaze Bayley - December Wind (2018)
2020-03-05 09:46 - 2020-03-04 23:55 - 000000000 ____D C:\Users\Pichulodance\Downloads\Running Wild - Crossing The Blades (ЕР)(2019)
2020-03-05 09:46 - 2020-03-04 23:53 - 000000000 ____D C:\Users\Pichulodance\Downloads\Iron Fire - Beyond The Void (2019)
2020-03-05 09:44 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Barilari - Infierock (2019)
2020-03-05 09:43 - 2020-03-04 23:56 - 000000000 ____D C:\Users\Pichulodance\Downloads\Serenity - The Last Knight (2020)
2020-03-05 09:43 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Fates Warning - The Ghosts Of Home (Compilation) 2018
2020-03-05 00:36 - 2020-03-04 23:53 - 000000000 ____D C:\Users\Pichulodance\Downloads\Hammerfall - Dominion (Japanese Edition) (2019)
2020-03-05 00:36 - 2020-03-04 23:45 - 000000000 ____D C:\Users\Pichulodance\Downloads\Beast In Black - Дискография (2017-2019)
2020-03-05 00:33 - 2020-03-04 23:46 - 000000000 ____D C:\Users\Pichulodance\Downloads\Blind Guardian Twilight Orchestra - Legacy of the Dark Lands (2019)
2020-03-05 00:32 - 2020-03-04 23:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Crystal Sky - Spell of the Witch (2019)
2020-03-05 00:13 - 2020-03-04 23:54 - 000000000 ____D C:\Users\Pichulodance\Downloads\HammerFall - Dominion (2019)
2020-03-05 00:10 - 2020-03-04 23:47 - 000000000 ____D C:\Users\Pichulodance\Downloads\Crystal Eyes - Starbourne Traveler (2019)
2020-03-05 00:09 - 2020-03-04 23:48 - 000000000 ____D C:\Users\Pichulodance\Downloads\Bruce Dickinson - Road To Hell (Compilation) 2017
2020-03-05 00:08 - 2020-03-04 23:44 - 000000000 ____D C:\Users\Pichulodance\Downloads\Annihilator

==================== Archivos en la raíz de algunos directorios ========

2019-12-08 23:53 - 2019-12-11 00:14 - 000000004 _____ () C:\ProgramData\lock.dat
2019-12-08 23:54 - 2019-12-10 23:53 - 000000004 _____ () C:\ProgramData\rc.dat
2019-12-08 23:53 - 2019-12-08 23:53 - 000000008 _____ () C:\ProgramData\ts.dat
2020-04-03 01:26 - 2020-04-03 01:26 - 000002441 _____ () C:\Users\Pichulodance\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-28 13:55
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-03-2020
Ejecutado por Pichulodance (04-04-2020 22:13:44)
Ejecutado desde C:\Users\Pichulodance\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-08-14 03:58:35)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-531673451-2895799851-1321659996-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-531673451-2895799851-1321659996-1002 - Limited - Enabled)
Invitado (S-1-5-21-531673451-2895799851-1321659996-501 - Limited - Disabled)
Pichulodance (S-1-5-21-531673451-2895799851-1321659996-1000 - Administrator - Enabled) => C:\Users\Pichulodance

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Disabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Disabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-531673451-2895799851-1321659996-1000\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
4K Stogram 2.6 (HKLM-x32\...\{678B28E6-9512-46AA-B9B2-D2796E59BCE7}) (Version: 2.6.3.1477 - Open Media LLC)
911 Operator - First Response version 1.0 (HKLM-x32\...\911 Operator - First Response_is1) (Version: 1.0 - PlayWay SA)
ACE COMBAT ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\ACE COMBAT ASSAULT HORIZON Enhanced Edition_is1) (Version:  - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Audition CS6 (HKLM-x32\...\{2A069423-BB63-4E0E-842B-8535E28CD7F7}_is1) (Version: 5.0.0.708 - El Abuelo Sawa)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_is1) (Version:  - )
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam)
Any DVD Converter Professional 6.3.8 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version:  - Any-DVD-Converter.com)
Any Video Converter Ultimate 6.3.7 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 20.2.3116 - AVG Technologies)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
AVStoDVD 2.2.6 (HKLM-x32\...\AVStoDVD) (Version: 2.2.6 - MrC)
BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
Bonjour (HKLM\...\{0E543634-7E25-4B8F-8D5B-97880E5E5088}) (Version: 2.0.5.0 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Camtasia Studio 7 (HKLM-x32\...\{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}) (Version: 7.0.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Cheat Engine 7.0 (HKLM\...\Cheat Engine 7.0_is1) (Version:  - Cheat Engine)
Choplifter HD versión 1.0 u1 (HKLM-x32\...\Choplifter HD_is1) (Version: 1.0 u1 - inXile Entertainment)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Crea y dibuja con Disney 2 (HKLM-x32\...\Crea y dibuja con Disney 2) (Version:  - )
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0611.0 - CyberLink Corp.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
iTunes (HKLM\...\{BCF07271-A853-4D3A-B668-4B752174CAA8}) (Version: 10.3.1.55 - Apple Inc.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 15.1.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.1.2 - KLCP)
Left 4 Dead (HKLM-x32\...\Left 4 Dead) (Version:  - Valve)
Lost Planet Extreme Condition (HKLM-x32\...\{AD281A87-2AD3-4CEB-AF85-468FD84698D8}) (Version: 1.0.0.1 - CapCom)
MAGIX Screenshare (HKLM-x32\...\{36B5C759-4243-48A4-A0C9-CAB0263DFF4C}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{8C37FCE0-C8BE-4EAC-82C1-809F1E6A0E8E}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Video deluxe 17 Premium Versión para descargar (HKLM-x32\...\{1BFA6275-B17A-41E8-87C3-6971D3EB214A}) (Version: 10.0.0.33 - MAGIX AG) Hidden
MAGIX Video deluxe 17 Premium Versión para descargar (HKLM-x32\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.0.33 - MAGIX AG)
MAGIX Video deluxe 17 Premium Video Plugins (HKLM-x32\...\{F4457AF1-2B61-470A-AF28-77B9335E9E3C}) (Version: 1.0.0.0 - MAGIX AG)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 74.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 74.0.1 (x64 es-AR)) (Version: 74.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed Most Wanted (HKLM-x32\...\Need for Speed Most Wanted_is1) (Version:  - )
Nero 7 Ultra Edition (HKLM-x32\...\{A20A58C4-6784-4B4B-86CC-94E2E3671033}) (Version: 7.02.8637 - Nero AG)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
System Ninja versión 3.2.7 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.2.7 - SingularLabs)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.3 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vegas Pro 13.0 (64-bit) (HKLM\...\{CFB5504F-BFBC-11E3-8794-F04DA23A5C58}) (Version: 13.0.290 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinSnap (HKLM-x32\...\WinSnap) (Version: 4.0.3 - NTWind Software)
Xion v1.5 (build 160) (HKLM-x32\...\Xion) (Version: 1.5 (build 160) - r2 Studios)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-03-29] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-03-29] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2019-08-14 22:41 - 2010-07-05 19:42 - 000203776 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [252]
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7 [324]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [328]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)


Hay 6091 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2020-04-03 23:19 - 000000149 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-531673451-2895799851-1321659996-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pichulodance\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: GoogleChromeElevationService => 2
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MEmuSVC => 2
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: SWUpdateService => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VBoxSDS => 3
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^Users^Pichulodance^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^vcawhwge.lnk => C:\Windows\pss\vcawhwge.lnk.Startup
MSCONFIG\startupreg: 015A89I5JY6JJ6A => "C:\Program Files\WADTNRSGQ9\WADTNRSGQ.exe"
MSCONFIG\startupreg: 2110904 => "C:\Users\PICHUL~1\AppData\Local\Temp\is-3FAEN.tmp\Battala.exe" /VERYSILENT
MSCONFIG\startupreg: 299598 => "C:\Users\Pichulodance\AppData\Roaming\0zp2s3clvl3\kfwymhgq1mp.exe" /VERYSILENT
MSCONFIG\startupreg: 4063464 => "C:\Users\Pichulodance\AppData\Roaming\5e20ovin1qo\byerz3pfow4.exe" /VERYSILENT
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DFX => C:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KYO8WQ9XKG6F85Q => "C:\Program Files\B9QFRCC84F\B9QFRCC84.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RazerCortex => "C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe" -autorun
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: TrayServer => C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Version_para_descargar\TrayServer_es.exe
MSCONFIG\startupreg: YouCam Service7 => "C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe" /s

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{F977518E-3F52-434B-BC45-13C51766279B}] => (Allow) C:\Users\Pichulodance\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{0A5AACB2-84B0-4E44-A0C1-BFCB4D18E7D3}] => (Allow) C:\Users\Pichulodance\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{97624133-AC6A-4E47-8B4D-90309FE1A154}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{092D15BF-E9AE-4BA0-9148-175F6ACBB6BC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F05EE9AA-1485-4A9E-8F8E-371C6821A6ED}] => (Allow) C:\Users\Pichulodance\Documents\Programas Portables\Winamp 5.6.6.3516 Repack Portable\Winamp 5.6.6.3516 Repack Portable\App\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6DB1C652-424A-4AAE-980B-48E67E2CE679}] => (Allow) C:\Users\Pichulodance\Documents\Programas Portables\Winamp 5.6.6.3516 Repack Portable\Winamp 5.6.6.3516 Repack Portable\App\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{A44F78CF-A63F-498B-A9CD-E95465DAD08B}C:\program files (x86)\capcom\lost planet extreme condition\lostplanetdx10.exe] => (Allow) C:\program files (x86)\capcom\lost planet extreme condition\lostplanetdx10.exe (CAPCOM Co.,Ltd. -> CAPCOM CO., LTD.) [Archivo no firmado]
FirewallRules: [UDP Query User{359E68A3-032E-420B-B391-2E403C2BAD94}C:\program files (x86)\capcom\lost planet extreme condition\lostplanetdx10.exe] => (Allow) C:\program files (x86)\capcom\lost planet extreme condition\lostplanetdx10.exe (CAPCOM Co.,Ltd. -> CAPCOM CO., LTD.) [Archivo no firmado]
FirewallRules: [TCP Query User{9D8451FE-A205-4C7D-B516-06E5C230FBB9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{318CA8A6-E49C-4E47-A696-BB07C3C4B8C8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47698228-A141-446F-A33D-79ED9FDCE7C4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA7D1606-8A83-4855-9AF8-84C869D2CB4B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Puntos de Restauración =========================

02-04-2020 05:15:19 Punto de control programado
02-04-2020 20:58:03 Operación de restauración
02-04-2020 21:18:32 Instalación del paquete de controladores de dispositivo: AVG Technologies Servicio de red
04-04-2020 21:19:41 Malwarebytes Anti-Rootkit Restore Point

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/04/2020 09:23:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/03/2020 11:22:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/03/2020 10:49:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/03/2020 07:02:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/03/2020 12:23:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/03/2020 03:54:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/02/2020 09:40:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/02/2020 09:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: firefox.exe, versión: 74.0.0.7373, marca de tiempo: 0x5e662a88
Nombre del módulo con errores: xul.dll, versión: 74.0.0.7373, marca de tiempo: 0x5e662af5
Código de excepción: 0x80000003
Desplazamiento de errores: 0x000000000369a7ec
Id. del proceso con errores: 0x1240
Hora de inicio de la aplicación con errores: 0x01d6094ee4cdd821
Ruta de acceso de la aplicación con errores: C:\Program Files\Mozilla Firefox\firefox.exe
Ruta de acceso del módulo con errores: C:\Program Files\Mozilla Firefox\xul.dll
Id. del informe: 6fd7b82b-7542-11ea-8ecd-b4749fd54da0


Errores del sistema:
=============
Error: (04/03/2020 10:50:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/03/2020 10:48:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (04/03/2020 10:48:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (04/03/2020 10:47:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\System32\bcmihvsrv64.dll

Error: (04/03/2020 10:47:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (04/03/2020 10:47:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/03/2020 10:47:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio FABS - Helping agent for MAGIX media database se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/03/2020 03:57:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protección de software se cerró con el siguiente error: 
El medio está protegido contra escritura.


Windows Defender:
===================================
Date: 2020-01-29 01:50:20.877
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{C3BB9AE0-AF8C-44A1-9C83-C4BCF1A15D85}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:Pichulodance-PC\Pichulodance

Date: 2019-08-14 22:55:10.602
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{4EB42C59-DF0E-4789-8B43-CB555EA9775A}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:Pichulodance-PC\Pichulodance

Date: 2019-08-14 23:45:07.673
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80096010
Descripción de error:No se comprobó la firma digital del objeto. 
Versión de firma:1.95.191.0
Versión de motor:1.1.6402.0

==================== Información de la memoria =========================== 

BIOS: Phoenix Technologies Ltd. 04PA.M006.20110615.XW 06/15/2011
Placa base: SAMSUNG ELECTRONICS CO., LTD. RV411/RV511/E3511/S3511/RV711/E3411
Procesador: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Porcentaje de memoria en uso: 93%
RAM física total: 2932.56 MB
RAM física disponible: 177.01 MB
Virtual total: 5863.27 MB
Virtual disponible: 2518.6 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:185.44 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0C4E138D)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hello @Spyrobot_2079

I am analyzing your FRST reports so I can give you an answer, but did Malwarebytes Anti-Rootkit by any chance leave you another log? It usually produces two.


Do the following:

Open a new Notepad file and copy and paste this content:

Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {1FB7BDA7-3E3D-4ED4-A648-F6B86824A020} - System32\Tasks\{708907DB-FDD0-4976-82CC-C9B7C1706E50} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\setup.exe -d C:\Users\Pichulodance\Desktop
Task: {36DC7E05-54DE-4ACB-9871-78259BCEE0E8} - System32\Tasks\{2B726D0B-0C65-4319-8E6D-F64506AE7BD5} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\QCA_WLAN_Driver_1.0.0.1\setup.exe -d C:\Users\Pichulodance\Desktop\QCA_WLAN_Driver_1.0.0.1
Task: {3DF2BB07-0FFE-4E53-8181-9F2C29B547B6} - System32\Tasks\{39E0EA4D-1828-4E46-9E27-DFBFD609F22B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Pichulodance\Desktop\PE.4.0.AmasDiez\PesEdit 4.0 A+10\Installer.exe" -d "C:\Users\Pichulodance\Desktop\PE.4.0.AmasDiez\PesEdit 4.0 A+10"
Task: {5869C11C-D15C-44BD-AE94-374FF23B940C} - \GoogleUpdateTaskMachineUA -> Ningún archivo <==== ATENCIÓN
Task: {6E688DA2-EE1A-4592-961A-9620C9A82C10} - System32\Tasks\{D95541D8-E700-4335-9841-210400F3D8E8} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.0.8\setup.exe -d C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.0.8
Task: {C2383190-E547-4F2A-9910-AEC0764E0830} - System32\Tasks\{505C5617-0BEB-434D-9810-9B5BAEC6120F} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.1.5\setup.exe -d C:\Users\Pichulodance\Desktop\Recovery_Solution_5_5.0.1.5
Task: {D4877469-33FA-4414-860A-FAF5FA23D1B6} - \GoogleUpdateTaskMachineCore -> Ningún archivo <==== ATENCIÓN
Task: {D77FAF9F-74DF-415B-B625-439C68DC5C38} - System32\Tasks\{28036A89-59E8-45E1-92B7-616DF495794C} => C:\Windows\system32\pcalua.exe -a C:\Users\Pichulodance\Desktop\Intel_Wireless_Display.exe -d C:\Users\Pichulodance\Desktop
Task: {E8A61068-60A8-4AF5-9775-C990638C40E0} - \KMSAutoNet -> Ningún archivo <==== ATENCIÓN
SearchScopes: HKLM-x32 -> DefaultScope no se encuentra el valor
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Ningún archivo
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Ningún archivo
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Ningún archivo]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\xhi5cpil4hq
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Users\Pichulodance\AppData\Roaming\it1pjpqahfo
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Program Files\70OE1LMH5V
2020-04-03 03:54 - 2020-04-03 03:54 - 000000000 ____D C:\Program Files\1XTJU8W8U9
2020-04-02 21:09 - 2020-04-03 15:34 - 000000000 ____D C:\Program Files (x86)\GOQILEkd
2020-04-02 12:49 - 2020-04-02 12:50 - 000000000 ____D C:\ProgramData\9EP2E6TDKYPKLSE7MFU402NWJ
2019-12-08 23:53 - 2019-12-11 00:14 - 000000004 _____ () C:\ProgramData\lock.dat
2019-12-08 23:54 - 2019-12-10 23:53 - 000000004 _____ () C:\ProgramData\rc.dat
2019-12-08 23:53 - 2019-12-08 23:53 - 000000008 _____ () C:\ProgramData\ts.dat
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Windows\System32:tdsrset.gfc [5846]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [252]
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7 [324]
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [328]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
MSCONFIG\startupreg: 015A89I5JY6JJ6A => "C:\Program Files\WADTNRSGQ9\WADTNRSGQ.exe"
C:\Program Files\WADTNRSGQ9
MSCONFIG\startupreg: 2110904 => "C:\Users\PICHUL~1\AppData\Local\Temp\is-3FAEN.tmp\Battala.exe" /VERYSILENT
MSCONFIG\startupreg: 299598 => "C:\Users\Pichulodance\AppData\Roaming\0zp2s3clvl3\kfwymhgq1mp.exe" /VERYSILENT
C:\Users\Pichulodance\AppData\Roaming\0zp2s3clvl3
MSCONFIG\startupreg: 4063464 => "C:\Users\Pichulodance\AppData\Roaming\5e20ovin1qo\byerz3pfow4.exe" /VERYSILENT
C:\Users\Pichulodance\AppData\Roaming\5e20ovin1qo
MSCONFIG\startupreg: KYO8WQ9XKG6F85Q => "C:\Program Files\B9QFRCC84F\B9QFRCC84.exe"
C:\Program Files\B9QFRCC84F

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Save it as fixlist.txt on the desktop <<< This is very important.

Note: The executable Frst.exe and fixlist.txt must be in the same location (the desktop), otherwise the tool will not work.

  • Run Frst.exe.
  • Press the Fix button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Paste it in your next reply.

Let us know how the problem is going.

Regards.

Good morning.

Sorry, I have only just seen the other report:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.10.25.11
  rootkit: v2017.10.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.19596
Pichulodance :: PICHULODANCE-PC [administrator]

04/04/2020 08:35:56 p.m.
mbar-log-2020-04-04 (20-35-56).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 324608
Time elapsed: 33 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999} (Trojan.Agent) -> Delete on reboot. [1798fce342674aec971ce85cc83ab24e]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Hello

About the Fix: which one do I press? No Fix appears.

sshot-1

Hello. :+1:

I am only stepping in to tell you that you must click the button/option labeled “Corregir”; the tool was recently translated into Spanish, and previously, when it was in English, it was FIX = Corregir.

Regards.

Hello. The log does not appear on the desktop.

Hello @Spyrobot_2079

Did you restart the computer? You should have a report called Fixlog.txt on your desktop.

As for Malwarebytes Anti-Rootkit, you did not remove what it detected; go through its manual again, especially to learn how to remove the infections, and run it again.

Thanks @JavierHF :+1:

Regards


Hello

I did everything, but the log does not appear.

sshot-1

Hello

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.04.05.05
  rootkit: v2020.04.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.19596
Pichulodance :: PICHULODANCE-PC [administrator]

05/04/2020 09:41:54 p.m.
mbar-log-2020-04-05 (21-41-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 222705
Time elapsed: 36 minute(s), 10 second(s)

Memory Processes Detected: 2
C:\Windows\system\explorer.exe (Backdoor.Agent.Generic) -> 1704 -> Delete on reboot. [9b9e2c88775fa4921b1f16dd09f95ea2]
C:\Windows\system\svchost.exe (Backdoor.Agent.Generic) -> 340 -> Delete on reboot. [b4859e16f7dfd561b981faf9ca3812ee]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} (Trojan.Agent) -> Delete on reboot. [50e9cde7766039fdc06950a52ad6748c]

Registry Values Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Explorer (Backdoor.Agent.Generic) -> Data: c:\windows\system\explorer.exe RO -> Delete on reboot. [9b9e2c88775fa4921b1f16dd09f95ea2]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Svchost (Backdoor.Agent.Generic) -> Data: c:\windows\system\svchost.exe RO -> Delete on reboot. [b4859e16f7dfd561b981faf9ca3812ee]

Registry Data Items Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell (Backdoor.Agent.Generic) -> Bad: (c:\windows\system\explorer.exe) Good: () -> Replace on reboot. [9b9e2c88775fa4921b1f16dd09f95ea2]

Folders Detected: 5
C:\ProgramData\KMSAutoS (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]
C:\ProgramData\KMSAutoS\bin (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]
C:\ProgramData\KMSAutoS\bin\driver (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]
C:\ProgramData\KMSAutoS\bin\driver\x64TAP1 (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]
C:\ProgramData\KMSAutoS\bin\driver\x64TAP2 (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]

Files Detected: 8
C:\Windows\system\explorer.exe (Backdoor.Agent.Generic) -> Delete on reboot. [9b9e2c88775fa4921b1f16dd09f95ea2]
C:\Windows\system\svchost.exe (Backdoor.Agent.Generic) -> Delete on reboot. [b4859e16f7dfd561b981faf9ca3812ee]
C:\Users\Pichulodance\AppData\Roaming\mrsys.exe (Backdoor.Agent.Generic) -> Delete on reboot. [f940ded6aa2ce74f3307639004fe7789]
C:\Users\Pichulodance\AppData\Local\icsys.icn.exe (Backdoor.Agent.Generic) -> Delete on reboot. [38010da72ea8f343e75332c1fe0409f7]
C:\Users\Pichulodance\AppData\Local\stsys.exe (Backdoor.Agent.Generic) -> Delete on reboot. [55e4654f785e6ec8a397db1823dfe21e]
C:\Windows\system\spoolsv.exe (Backdoor.Agent.Generic) -> Delete on reboot. [f4458e26b42266d050ea49aa91712ad6]
C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\tap0901.cat (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]
C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.cat (HackTool.KMS) -> Delete on reboot. [43f68331d105ea4ccef6d338f30da35d]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.19596

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.128000 GHz
Memory total: 3075014656, free: 1126518784

Downloaded database version: v2020.04.05.05
Downloaded database version: v2020.04.05.05
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     04/05/2020 21:41:42
------------ Loaded modules -----------
----------- End -----------
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
Done!

Scan started
Database versions:
  main:    v2020.04.05.05
  rootkit: v2020.04.05.05

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80032c5060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80032c4540, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80032c5060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003149060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C4E138D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 976562176
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800968a790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009676430, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800968a790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80048ec310, DeviceName: \Device\00000080\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B5EC6BC

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 137  Numsec = 3841911
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1967128576 bytes
Sector size: 512 bytes

Done!
Infected: C:\Windows\system\explorer.exe --> [Backdoor.Agent.Generic]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Explorer --> [Backdoor.Agent.Generic]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell --> [Backdoor.Agent.Generic]
Infected: C:\Windows\system\explorer.exe --> [Backdoor.Agent.Generic]
Infected: C:\Windows\system\svchost.exe --> [Backdoor.Agent.Generic]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Svchost --> [Backdoor.Agent.Generic]
Infected: C:\Windows\system\svchost.exe --> [Backdoor.Agent.Generic]
Infected: C:\Users\Pichulodance\AppData\Roaming\mrsys.exe --> [Backdoor.Agent.Generic]
Infected: HKU\S-1-5-21-531673451-2895799851-1321659996-1000\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} --> [Trojan.Agent]
Infected: C:\Users\Pichulodance\AppData\Local\icsys.icn.exe --> [Backdoor.Agent.Generic]
Infected: C:\Users\Pichulodance\AppData\Local\stsys.exe --> [Backdoor.Agent.Generic]
Infected: C:\Windows\system\spoolsv.exe --> [Backdoor.Agent.Generic]
Infected: C:\ProgramData\KMSAutoS --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin\driver --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin\driver\x64TAP1 --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\tap0901.cat --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin\driver\x64TAP2 --> [HackTool.KMS]
Infected: C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.cat --> [HackTool.KMS]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

Hello @Spyrobot_2079

That's strange.

Delete the previous FRST and Addition reports that you have on your desktop, and run FRST again as I indicated in Post 5.

Don't forget to run the tool (FRST) as Administrator; we'll wait for the two reports.

Also, let us know whether the problems still persist.

Regards

Hello @Spyrobot_2079

Try booting into Safe Mode and running FRST from there.

Regards