En el mensaje de la ventana del Disclaimer, pulsamos Yes
En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Pon los dos reportes generados.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (29-07-2019 18:38:31)
Running from C:\Users\Ricardo\Downloads
Windows 10 Home N Version 1809 17763.615 (X64) (2019-02-01 19:31:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1621665563-1515332978-2589713378-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1621665563-1515332978-2589713378-503 - Limited - Disabled)
Invitado (S-1-5-21-1621665563-1515332978-2589713378-501 - Limited - Disabled)
Ricardo (S-1-5-21-1621665563-1515332978-2589713378-1001 - Administrator - Enabled) => C:\Users\Ricardo
WDAGUtilityAccount (S-1-5-21-1621665563-1515332978-2589713378-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Actualización de NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Age of Wonders III Eternal Lords (HKLM-x32\...\Age of Wonders III Eternal Lords_is1) (Version: - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Disciples III Renaissance - Steam Special Edition (HKLM-x32\...\Disciples III Renaissance - Steam Special Edition_is1) (Version: - )
Disciples III: Resurrection (HKLM-x32\...\{AED2C31B-91E5-481f-9E77-D3D6F68B3206}_is1) (Version: - .DAT)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.71 - NVIDIA Corporation) Hidden
Driver Easy 5.6.12 (HKLM\...\DriverEasy_is1) (Version: 5.6.12 - Easeware)
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Heroes of Annihilated Empires (HKLM-x32\...\Heroes of Annihilated Empires_is1) (Version: - GOG.com)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Movavi Video Editor 15 Plus (HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\Movavi Video Editor 15 Plus) (Version: 15.0.0 - Movavi)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Panel de control de NVIDIA 431.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.36 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8612 - Realtek Semiconductor Corp.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Warhammer 40000 Sanctus Reach MULTi4 - ElAmigos versión 1.2.2 (HKLM-x32\...\{97F321AA-D70C-4E89-8A47-097301C61338}_is1) (Version: 1.2.2 - Slitherine Ltd.)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XCOM 2 Digital Deluxe Edition MULTi11 - ElAmigos versión 1.0 u11 (HKLM-x32\...\{5B33B979-8F2B-4A3A-AAF6-76C0C216321D}_is1) (Version: 1.0 u11 - 2K)
Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-06-28 11:48 - 2019-06-28 11:48 - 085602816 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libcef.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000089600 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libEGL.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 003841536 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\libGLESv2.dll
2019-07-07 14:16 - 2019-07-07 14:16 - 000068608 _____ () [File not signed] C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
2019-06-28 11:48 - 2019-06-28 11:48 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\fmod.dll
2019-02-09 22:52 - 2016-12-07 20:44 - 000373248 _____ (IntelleSoft) [File not signed] C:\Users\Ricardo\Downloads\XMouseButtonControl 2.18.2 Portable\64bit (x64)\BugTrapU-x64.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000596992 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\chrome_elf.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\audio\qtaudio_windows.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qgif.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qico.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qjpeg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qmng.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qsvg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\imageformats\qtiff.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\platforms\qwindows.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQml\Models.2\modelsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick.2\qtquick2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\qml\QtQuick\Window.2\windowplugin.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Core.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Gui.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Multimedia.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Network.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Qml.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Quick.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5QuickControls2.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5QuickTemplates2.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Svg.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Widgets.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5WinExtras.dll
2019-06-28 11:48 - 2019-06-28 11:48 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11266\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\localhost -> localhost
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2019-07-19 17:27 - 002097556 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 app.drivereasy.com
127.0.0.1 cdn.drivereasy.com
149.202.196.40 dow0.drivereasy.com
149.202.196.40 dow1.drivereasy.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ricardo\Downloads\rey hielo.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{16BA5E5E-EC54-4521-A4B1-BF86C1B9AE63}] => (Allow) LPort=1688
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{F56384FA-D89C-4A1F-A9CD-62ADF3236A56}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{AAC5352E-77E5-42A0-A47F-7561F86AA114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C127AAD8-0EAB-4018-BE8B-EC9F579F14AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{2B5DCCCA-DBF1-4CA4-AC7A-63AFF8E3E4D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{22E051D9-1755-4B1E-BD48-3BD4AACEFE82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3FBA9AC-1CC3-4887-9F4D-1DA8D6A5AE11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AB8472C-B5A6-43B0-B71E-8DFED5A9FBD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [TCP Query User{68C08FE5-924A-4B40-87F3-FD7C529865AD}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{5F8906AC-F649-43B7-B349-6BFEFA0A7BBE}C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{04621066-C6D8-4DDC-8A14-8771487125D1}C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{5D783F13-E8CC-4D6E-9E4A-5C6BCAB05FC6}C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base75025\sc2.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{79F6E598-99AE-4C93-BB50-A059547760CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
28-07-2019 21:38:51 End of disinfection
==================== Faulty Device Manager Devices =============
Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/29/2019 04:56:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/29/2019 04:46:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/29/2019 04:45:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/29/2019 03:26:28 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/29/2019 03:26:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/29/2019 01:56:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (07/29/2019 01:56:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (07/29/2019 11:35:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=7b9e1751-a8da-4f75-9560-5fadfe3d8e38;NotificationInterval=1440;Trigger=NetworkAvailable
System errors:
=============
Error: (07/29/2019 04:45:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscBrokerManager
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (07/29/2019 04:45:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.SecurityAppBroker
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Error: (07/29/2019 04:40:02 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1115" al intentar iniciar el servicio SecurityHealthService con argumentos "No disponible" para ejecutar el servidor:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}
Windows Defender:
===================================
Date: 2019-07-19 17:01:35.078
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos.
Date: 2019-07-19 17:01:35.078
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos.
Date: 2019-07-19 17:01:35.077
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos.
Date: 2019-07-19 17:01:35.070
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos.
Date: 2019-07-19 17:01:35.070
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.295.697.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual:
Versión de motor anterior: 1.1.16000.6
Código de error: 0x800706d9
Descripción del error: No hay más extremos disponibles desde el asignador de extremos.
CodeIntegrity:
===================================
Date: 2019-07-28 21:39:09.840
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-27 21:33:38.278
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-27 21:33:38.272
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-27 21:33:38.250
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-27 21:33:38.244
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-27 11:16:10.655
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-26 17:41:11.616
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-07-26 17:41:11.086
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.00 07/18/2017
Motherboard: ASRock A320M-DGS
Processor: AMD Ryzen 3 1300X Quad-Core Processor
Percentage of memory in use: 54%
Total physical RAM: 8125.1 MB
Available physical RAM: 3725.96 MB
Total Virtual: 9405.1 MB
Available Virtual: 3745.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:445.71 GB) (Free:256.84 GB) NTFS
Drive d: (Age of Wonders III Eternal Lords) (CDROM) (Total:3.79 GB) (Free:0 GB) UDF
Drive i: (Elements) (Fixed) (Total:1397.23 GB) (Free:277.94 GB) NTFS
\\?\Volume{afb0463e-f92e-4117-8b12-1f9e35149c1e}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
\\?\Volume{95b8805e-6fe7-456e-a099-8a1cb485ce5c}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{677bc9ea-927e-454b-91c6-c24813a6ca89}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397.2 GB) (Disk ID: 375F8366)
Partition 1: (Not Active) - (Size=1397.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Desinstala SpyHunter. Elige el modo avanzado de desinstalación.
No descargaste ni ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no no funcionará el siguiente paso.
MUY Importante Realiza una copia de seguridad del registro :
Para hacerlo descarga DelFix.exe( en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red
Con los demás programas cerrados ve a InicioEjecutar y escribe Notepad.exe.
Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe"
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXTen el escritorioEsto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Hola tengo problemas con el primer punto, con el revo uninstaller no encuentro el spyhunter, intenté ir a a la ubicación del archivo y no encuentro el desinstalador, tampoco desde el paner de control->programas y características
Edito: Estaba buscando maneras y programas para desinstalarlo por internet pero creo que lo mejor es esperar a que me respondas, un saludo
Te lo comentaba porque hay videos de como eliminarlo manualmente pero no quería hacerlo sin tu consejo ya que yo ne se mucho de informática y no quiero hacer nada que pueda estropear mas mi ordenador.
La verdad es que no se que me quieres decir con la respuesta, acaso quieres decir que pase al siguiente paso?
EDIT: dado que no he podido eliminar el spyhunter y pasaba al siguiente punto me surge la duda de a que te refieres con la copia de seguridad del registro
En las indicaciones que te di está bien explicado.
Ejecuta Delfix como administrador, marca solo la que te indico con la flecha y haces clic en Run, esperas a que termine, guarda el informe pero no lo tienes que poner aquí.
si si, eso lo hice, solo me aparece el informe y lo guardé,
Pase al segundo paso, el de modo seguro pues no aparece la opción iniciar “modo seguro de windows sin función de red” solo las opciones modo seguro y modo seguro con función de red,
le di a modo seguro y por si acaso desenchufe el router. Y bueno copie el texto en donde dices
Aqui esta lo que me pediste, espero que te sirva,
EDITO: NO ME SALE PONERLO CON EL CODE, no se como hacerlo, lo he intentado pero no debe de salir bien, aqui lo puse con la opción del bocadillo, tambier con la opción de los corchetes " pero no me sale, lo siento
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (30-07-2019 19:21:05) Run:1
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available Profiles: Ricardo)
Boot Mode: Normal
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe"
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f104d951-1c0f-11e9-b904-7085c25aa4df} => removed successfully
A ver ahora que tal, los quotes estos se me dan fatal por cierto
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by Ricardo (30-07-2019 19:21:05) Run:1
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available Profiles: Ricardo)
Boot Mode: Normal
==============================================
fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\...\MountPoints2: {f104d951-1c0f-11e9-b904-7085c25aa4df} - "D:\setup.exe"
BootExecute: autocheck autochk * sh4native Sh4Removal
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__190309__yaie
CHR Extension: (Chrome Media Router) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
2019-07-19 21:47 - 2019-07-19 22:55 - 000000000 ___HD C:\81j5nK9stWptlwlB
2019-07-19 20:27 - 2019-07-19 23:18 - 000000000 ____D C:\Program Files (x86)\SpyHunter Malware Security Suite
2019-07-19 20:26 - 2019-07-19 20:26 - 000000000 ____D C:\Users\Ricardo\Downloads\SH42564782
FirewallRules: [UDP Query User{412273ED-85CC-4D17-B7AD-C46E91C65D8D}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{584469AD-5DCE-4F71-A66A-5B64F4DB83B2}C:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{868A54DF-CF86-4BA7-B690-93E19C730CBD}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{171E0803-254E-4E4A-85B9-0B75807375F0}C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) C:\games\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{5D28F50B-C2FA-4F8E-B907-02ABD0F3EE0B}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [{C110C34B-2ADD-4CFE-9107-03655A752D76}] => (Allow) H:\3dsmax7\3dsmax.exe No File
FirewallRules: [TCP Query User{FF2EB3EA-1D38-42BE-9239-1F0EE60A0F5C}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
FirewallRules: [UDP Query User{B8ED7E9C-8C84-4B4E-9C33-631B9A8919C0}H:\games\age of wonders iii eternal lords\aow3.exe] => (Allow) H:\games\age of wonders iii eternal lords\aow3.exe No File
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1621665563-1515332978-2589713378-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f104d951-1c0f-11e9-b904-7085c25aa4df} => removed successfully
*Se me olvidó comentarte como me dijiste que te informara acerca del problema, bueno el problema persiste, mm acaso debería haberse solucionado¿? pues la verdad que no, ;(
Eh hola pero he puesto todo lo que está en el documento fixlog.txt
Por cierto el ordenador me va raro, por ejemplo no me guarda las cosas, por ejemplo los documentos de word, etc y con otros programas lo mismo, los iconos de la barra de herramientas no me aparecen aunque figuran como anclados cuando los pongo, etc
Por ejemplo con word me dice compruebe que el disco no esté lleno, protegido contra escritura o dañado, obviamente el disco tengo espacio de sobra
El disco lo acabo de comprar hace nada espero que no lo haya roto con estos programas que me mandaste