Windows Defender no se deja activar

Hola!

Sigue sin funcionar. Te comento lo realizado.

Respecto al Regedit, el DisableAntiSpyware No existía, así que cree la llave como me indicaste.

Con relación a los comandos en la consola de comandos, obtuve estos dos mensajes al arrancar de nuevo etos servicios:

net start wuauserv error sistema 87

net start cryptsvc El servicio solicitado ya ha sido iniciado

Y al tratar de actualizar con el windows Update. me manda el siguiente mensaje:

Hubo algunos problemas al instalar las actualizaciones, pero lo volveremos a intentar más tarde. Si sigues viendo este mensaje y quieres buscar en la web o ponerte en contacto con soporte técnico para obtener más información, es posible que este código te sirva de ayuda: (0x80070057)

Saludos y mil gracias.

Vamos a intentar, en primer lugar, arreglar Windows Update. Mientras tanto, tengo que seguir investigando y te comentaré conforme recabe más información.

Para arreglar Windows Update, ve a este link:

Y sigue todos los pasos a partir de Si nada de esto funciona.

Saludos, hablamos.

Hola qué tal!

Hice lo indicado en el link. Algunos de los comandos si se ejecutaron y otros no.

Reinicié y sigue mandando el mismo mensaje de error anterior sobre que no se pudieron instalar las actualizaciones de Windows Update.

Quedo al tanto. Un abrazo y gracias por el apoyo.! :slight_smile:

Vamos a utilizar la herramienta Windows Repair.

:one: Descarga y descomprime Windows Repair Portable en cualquier lugar de fácil acceso.Tweaking.com - Windows Repair Portable

:two: Inicia en modo seguro: Iniciar el PC en modo seguro

:three: Abre la carpeta de Windows Repair e inicia Repair_Windows.exe. Espera a que inicie y ve a la pestaña Repairs-Main y selecciona la opción Open Repairs.

Se abrirá la ventana de reparaciones. En esta dirígete al listado de la parte izquierda y marca las siguientes casillas:

  • 01 - Reset Registry Permissions
  • 02 - Reset File Permissions
  • 03 - Reset Service Permissions
  • 04 - Register SystemFiles
  • 06 - Repair Windows Firewall
  • 10 - Remove Policies set by Infections
  • 14 - Remove Temp Files
  • 16 - Repair Windows Updates
  • 18 - Repair Volume Shadow Copy Service
  • 22 - Repair File Associations
  • 25 - Restore Important Windows Services
  • 26 - Set Windows Services to default Startup
  • 31 - Restore UAC (User Account Control) Settings
  • 32 - Repair Performance Counters

Ya con esto seleccionado das en Start Repairs. Espera pacientemente a que termine. Una vez que lo haga reinicia en modo normal y comprueba si ya funciona Windows Update y Windows Defender.

Saludos.

1 me gusta

Hola!

Ejecuté la utilería que me indicaste y luego sí solucionó el tema del Windows update. Realicé las actualizaciones recomendadas. El Windows defender sigue igual, con las opciones marcadas en gris. Sería bueno volver a correr el windows repair?

Espero tus comentarios. Saludos!

Hola de nuevo.

Tenemos que seguir revisando tu PC, no queda otra.

Vuelve al post número 14 de este hilo: Tengo virus, Windows Defender no se deja activar - nº 14 por Pablo, donde te pido generar los reportes de FRST y repite el procedimiento, subiéndome de nuevo ambos reportes.

Por otro lado, vamos a usar también Farbar Service Scanner. Descargalo aquí: Farbar Service Scanner, en el escritorio.

  • Ejecuta FSS.exe , haciendo clic derecho → ejecutar como administrador.
  • Por defecto está marcada la casilla Internet Services. Marca todas las demás casillas.
  • Pulsa en el botón Scan
  • Se abrirá un Bloc de notas, cuyo contenido necesito que me pases también.

Saludos.

Buanas noches.mi estimado Este es el reporte del FRST.TXT

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 07-07-2021
Ejecutado por Palermo (administrador) sobre PALERMO-PC (ASUS All Series) (08-07-2021 21:39:36)
Ejecutado desde C:\Users\Palermo\Desktop
Perfiles cargados: Palermo
Platform: Windows 10 Pro Versión 21H1 19043.1083 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleFirefoxHost.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\126.4.4618\QtWebEngineProcess.exe <3>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8107808 2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.msn.com/spar (la entrada de datos tiene 605 más caracteres).
HKU\S-1-5-21-3621588881-1788917359-2937691248-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3621588881-1788917359-2937691248-1001\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Kvisoft Monitor: C:\WINDOWS\system32\KVPrinterMon.dll [122888 2013-09-06] (Kvisoft Co., Ltd -> )
HKLM\...\Print\Monitors\Nitro PDF Port 11.8 Monitor: C:\WINDOWS\system32\NxPrinterMonitor11.dll [749664 2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {014ABC5D-7091-4CAA-9D0A-ABBB12603E57} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141128 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DF5F9F6-F42A-4AD7-AF90-21321B01FB5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {15F95B3F-8C6B-40BE-BE72-10B2917772B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16A13235-5473-47F8-959B-30D44D01F638} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {175D80C9-CA7A-479C-B0C9-2D3E77F3218D} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {21B9B3FA-EF22-4F9F-9273-691E36221D02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24314F0C-7DAD-4ADA-A44D-A64ACF992C82} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {29BF42B3-7C03-457B-B4DD-A0F2509B41EB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33FB44EF-395F-44FA-86EF-7170ABF39498} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {366794D7-5DD4-435E-BC4B-1F353B347B45} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {43F1A122-75C8-4523-A33E-7EDD55E4F705} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {47287BD0-E11F-4204-8C78-40CAB6CCAA48} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {51818694-2B12-40B4-AAC8-F0E38A193C9E} - System32\Tasks\{9C368EE6-9637-491B-B655-2342D7F80F9E} => D:\DEMOCOLE\DEMOCOLE.EXE
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5CD6617B-ABAB-4BB2-A893-9EC60994CA71} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5E0DF1BC-EFA0-4010-A6D3-80B178000311} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141128 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {639BD3FA-237F-4FE2-881F-287EC77E36B4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D84D38B-EE34-41C3-8795-7B3FC21F2B9C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {83E50EBA-49DA-4849-8159-C740370515E9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {847F0774-98DD-4FA7-B2CF-8724FB92731A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8DBA14A5-F173-436B-94A0-013A8B27820C} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {9B5551C9-FF1D-4E4D-A307-C3DF223AFE79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C9E6A7F-A3A3-475A-BC1D-B3F0EF30DF91} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D89FD30-57CE-41CE-AB5A-CCD36F5D4129} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9DC51200-F01C-4B7C-A0C0-3E5CD5561C49} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AAF58327-7DC7-440E-A733-2FF7D51EE392} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF003DDB-BFCF-49DE-9B71-5A5204BAA702} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFE93910-580D-4DDE-AA4F-DE519ADBB134} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B18E6693-D28B-47DB-A57D-042E44720284} - System32\Tasks\{62DBAE05-B075-478C-B661-7D710629F8F6} => D:\DEMOCOLE\DEMOCOLE.EXE
Task: {B233C526-151D-44DA-A81C-C33EFC55630A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B3EDD279-86AB-4C1E-ADFE-222FDA0A76F5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B5EDDD63-C568-4829-B3C3-DF1BE220560B} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {B8DDECEE-8ABD-4315-931D-BA7CB917C47F} - System32\Tasks\MicrosoftApi => C:\Users\Palermo\AppData\Roaming\ServiceMicrosoftApi\MicrosoftApi.exe
Task: {B91341D7-0466-4612-AB6E-2830F0A27735} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B9988020-5813-4EE7-B5D9-F1D616C1BF71} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BB039554-250B-4B93-B95C-4A09FA030C90} - System32\Tasks\AdobeAAMUpdater-1.0-Palermo-PC-Palermo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C03C6D5C-1B0D-4305-83D0-F8AEBD2A9984} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C5B65D0B-B2BC-4CD4-B915-BA02D27933E4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {C7C4EF7A-D5F8-4AE7-8129-F4BC01DD21EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFF793A8-1184-4EE5-A5D0-0FC943F10443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D37D9A3E-917D-4A15-9B18-1211DCBC2BBE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D9BB3E0E-E596-4829-BF3F-06B35D433FA0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {DD84CB7F-20F8-4180-B7DA-A1856965261F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0D344DE-BB33-45CB-8947-ADB5322AA0EA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E17E73C7-004A-4A00-98D6-B8074A9AA690} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {E2147D84-A2D9-4D69-8D58-8BBAAACDB774} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4541312 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA6A5D81-451C-4F44-BEBF-CB908357E396} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F989B9D5-91EF-43BC-969A-D91363443A63} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFCDC6A4-853F-4C0C-8F08-DC015B447412} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 10.2.9.116 10.2.9.50
Tcpip\..\Interfaces\{604f071e-008e-434f-9de9-90e6e221e4ec}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{604f071e-008e-434f-9de9-90e6e221e4ec}: [DhcpNameServer] 10.2.9.116 10.2.9.50

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Palermo\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-08]

FireFox:
========
FF DefaultProfile: y9vwa4zf.default
FF ProfilePath: C:\Users\Palermo\AppData\Roaming\Mozilla\Firefox\Profiles\y9vwa4zf.default [2021-07-08]
FF Notifications: Mozilla\Firefox\Profiles\y9vwa4zf.default -> hxxps://maranhesduve.club; hxxps://www80.darenjarvis.pro; hxxps://0.nextyourcontent.com; hxxps://forospyware.com
FF Extension: (Marcadores de iCloud) - C:\Users\Palermo\AppData\Roaming\Mozilla\Firefox\Profiles\y9vwa4zf.default\Extensions\[email protected] [2018-08-04]
FF Extension: (Al traductor de Google) - C:\Users\Palermo\AppData\Roaming\Mozilla\Firefox\Profiles\y9vwa4zf.default\Extensions\[email protected] [2021-06-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-07-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncHelper.exe [3240296 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [70752 2018-01-06] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\OneDriveUpdaterService.exe [3703144 2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] (ASUSTeK Computer Inc. -> )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-08] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-08 21:39 - 2021-07-08 21:43 - 000024396 _____ C:\Users\Palermo\Desktop\FRST.txt
2021-07-08 20:26 - 2021-07-08 20:27 - 002301440 _____ (Farbar) C:\Users\Palermo\Desktop\FRST64.exe
2021-07-08 08:56 - 2021-07-08 08:56 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 08:55 - 2021-07-08 08:55 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 08:55 - 2021-07-08 08:55 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 08:55 - 2021-07-08 08:55 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 08:55 - 2021-07-08 08:55 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 08:55 - 2021-07-08 08:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 08:55 - 2021-07-08 08:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-08 08:53 - 2021-07-08 08:53 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 08:53 - 2021-07-08 08:53 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-08 08:53 - 2021-07-08 08:53 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-08 08:53 - 2021-07-08 08:53 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-08 08:53 - 2021-07-08 08:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 07:19 - 2021-07-08 07:19 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-PALERMO-PC-Windows-10-Pro-(64-bit).dat
2021-07-08 07:19 - 2021-07-08 07:19 - 000000000 ____D C:\RegBackup
2021-07-08 07:13 - 2021-07-08 07:13 - 000000000 ____D C:\WINDOWS\pss
2021-07-08 06:56 - 2021-07-08 06:56 - 048048406 _____ C:\Users\Palermo\Downloads\tweaking.com_windows_repair_aio.zip
2021-07-07 18:29 - 2021-07-07 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-07-05 00:49 - 2021-07-05 00:49 - 001599227 _____ C:\Users\Palermo\Downloads\0273-Peeking-Minnie-SVG.zip
2021-07-05 00:47 - 2021-07-05 00:48 - 001515370 _____ C:\Users\Palermo\Downloads\Minnie-Mouse-Head-SVG.zip
2021-07-04 20:05 - 2021-07-04 20:05 - 000000000 ___SD C:\Users\Palermo\Documents\Mis archivos de origen de datos
2021-07-04 08:04 - 2021-07-04 08:04 - 000122838 _____ C:\Users\Palermo\Desktop\sfcdetails.txt
2021-07-04 07:10 - 2021-07-04 07:10 - 000001086 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-07-04 07:10 - 2021-07-04 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-07-04 07:10 - 2021-07-04 07:10 - 000000000 ____D C:\Program Files\VS Revo Group
2021-07-04 07:09 - 2021-07-04 07:09 - 007510656 _____ (VS Revo Group ) C:\Users\Palermo\Downloads\revosetup.exe
2021-07-03 06:40 - 2021-07-08 10:07 - 000000506 __RSH C:\ProgramData\ntuser.pol
2021-07-03 05:58 - 2021-07-03 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-07-03 05:58 - 2021-07-03 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-07-03 05:58 - 2021-07-03 05:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-07-03 05:58 - 2021-07-03 05:58 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-07-03 05:56 - 2021-07-03 05:56 - 000000000 ____D C:\Users\Palermo\Desktop\FRST-OlderVersion
2021-06-29 07:07 - 2021-06-29 07:08 - 250120928 _____ C:\Users\Palermo\Downloads\g8t7787a.exe
2021-06-28 16:58 - 2021-06-28 16:58 - 000017388 _____ C:\Users\Palermo\Documents\Reporte Eset.txt
2021-06-28 08:12 - 2021-06-28 08:14 - 000001326 _____ C:\Users\Palermo\Desktop\ESET Online Scanner.lnk
2021-06-28 08:11 - 2021-06-28 08:14 - 000001432 _____ C:\Users\Palermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-28 07:41 - 2021-06-28 07:41 - 011697056 _____ (ESET) C:\Users\Palermo\Desktop\esetonlinescanner.exe
2021-06-27 12:16 - 2021-07-08 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-27 07:04 - 2021-06-28 07:50 - 000000000 ____D C:\KVRT2020_Data
2021-06-27 07:03 - 2021-06-27 07:03 - 105382256 _____ (AO Kaspersky Lab) C:\Users\Palermo\Downloads\KVRT.exe
2021-06-26 23:57 - 2021-06-26 23:57 - 000001989 _____ C:\Users\Palermo\Desktop\PC Health Check.lnk
2021-06-26 23:57 - 2021-06-26 23:57 - 000001407 _____ C:\Users\Palermo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-06-26 23:57 - 2021-06-26 23:57 - 000000000 ___RD C:\Users\Palermo\AppData\Local\PCHealthCheck
2021-06-26 23:54 - 2021-06-26 23:55 - 014114816 _____ C:\Users\Palermo\Downloads\WindowsPCHealthCheckSetup.msi
2021-06-25 18:58 - 2021-06-25 19:55 - 000021549 _____ C:\Users\Palermo\Desktop\Reporte malware2.txt
2021-06-25 13:26 - 2021-06-25 13:26 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftApi
2021-06-25 13:25 - 2021-06-28 09:35 - 000000000 __SHD C:\Users\Palermo\AppData\Roaming\ServiceMicrosoftApi
2021-06-25 11:03 - 2021-06-25 18:22 - 000000000 ____D C:\Users\Palermo\AppData\LocalLow\IGDump
2021-06-25 10:56 - 2021-07-08 08:03 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-25 10:56 - 2021-06-25 10:56 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-25 10:56 - 2021-06-25 10:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-25 10:56 - 2021-06-25 10:56 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-25 10:56 - 2021-06-25 10:56 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-25 10:54 - 2021-06-25 10:54 - 002094168 _____ (Malwarebytes) C:\Users\Palermo\Downloads\MBSetup1.exe
2021-06-25 02:45 - 2021-06-25 02:45 - 008534696 _____ (Malwarebytes) C:\Users\Palermo\Desktop\adwcleaner_8.2.exe
2021-06-24 18:11 - 2021-06-24 22:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-06-22 23:38 - 2021-06-22 23:39 - 025354355 _____ C:\Users\Palermo\Downloads\MEMORIA TECNICA DE CONDOMINIO ALAMOS 36 B.pdf
2021-06-17 23:04 - 2021-07-06 08:18 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-06-17 18:51 - 2021-06-17 18:51 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-06-16 23:16 - 2021-07-06 02:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-06-16 23:16 - 2021-07-06 02:22 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-16 23:16 - 2021-07-06 02:22 - 000000000 ___RD C:\Users\DefaultAppPool\OneDrive
2021-06-16 23:16 - 2021-06-16 23:16 - 000000000 ___RD C:\Users\Default\OneDrive
2021-06-16 23:14 - 2021-06-17 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2021-06-16 23:14 - 2021-06-16 23:14 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-06-16 23:14 - 2021-06-16 23:14 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-06-16 23:14 - 2021-06-16 23:14 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-06-16 23:10 - 2021-07-06 19:45 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-16 23:10 - 2021-06-16 23:10 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-06-13 13:04 - 2021-06-13 13:04 - 000000000 ____D C:\Users\Palermo\AppData\Local\Edraw
2021-06-11 00:07 - 2021-06-11 00:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-11 00:06 - 2021-06-11 00:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-11 00:06 - 2021-06-11 00:06 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-11 00:06 - 2021-06-11 00:06 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-11 00:05 - 2021-06-11 00:05 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-11 00:05 - 2021-06-11 00:05 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-11 00:04 - 2021-06-11 00:04 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-11 00:04 - 2021-06-11 00:04 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-11 00:03 - 2021-06-11 00:03 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-11 00:03 - 2021-06-11 00:03 - 000321226 ___SH C:\Users\Palermo\AppData\Roaming\rcbfeff
2021-06-11 00:03 - 2021-06-11 00:03 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-11 00:03 - 2021-06-11 00:03 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-08 21:41 - 2020-08-13 11:19 - 000000000 ____D C:\FRST
2021-07-08 21:40 - 2020-08-14 04:45 - 001771092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-08 21:40 - 2019-12-07 09:55 - 000778984 _____ C:\WINDOWS\system32\perfh00A.dat
2021-07-08 21:40 - 2019-12-07 09:55 - 000165828 _____ C:\WINDOWS\system32\perfc00A.dat
2021-07-08 21:40 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-08 21:35 - 2014-05-20 19:37 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-08 21:34 - 2018-03-10 02:53 - 428392448 _____ C:\Users\Palermo\AppData\Local\SageThumbs.db3
2021-07-08 21:34 - 2016-11-18 20:17 - 000000000 ____D C:\Users\Palermo\AppData\LocalLow\Mozilla
2021-07-08 21:34 - 2016-03-10 01:04 - 000000000 __SHD C:\Users\Palermo\IntelGraphicsProfiles
2021-07-08 21:34 - 2015-11-23 23:47 - 000000000 ___RD C:\Users\Palermo\iCloudDrive
2021-07-08 21:33 - 2020-08-14 05:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-08 21:33 - 2020-08-14 04:24 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-08 21:33 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-08 21:33 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-08 21:28 - 2014-06-02 22:22 - 000000000 ____D C:\Users\Palermo\AppData\Roaming\vlc
2021-07-08 21:20 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-08 21:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-08 20:50 - 2020-12-27 00:26 - 000000000 ____D C:\Users\Palermo\Downloads\Telegram Desktop
2021-07-08 10:05 - 2009-07-13 22:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-07-08 09:45 - 2020-06-16 18:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-08 09:45 - 2020-06-16 18:47 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-08 09:39 - 2020-08-14 04:24 - 005136072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-08 09:36 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-07-08 09:36 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-08 09:34 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-08 09:07 - 2020-08-14 04:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-08 08:00 - 2020-07-18 19:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-07-08 02:00 - 2014-06-16 21:40 - 000000000 ____D C:\Users\Palermo\AppData\Local\Adobe
2021-07-07 18:31 - 2016-08-12 23:44 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-07-07 07:13 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\catroot2.bak
2021-07-06 02:22 - 2020-08-09 16:39 - 000000000 ___RD C:\Users\Hank\OneDrive
2021-07-06 02:22 - 2016-03-10 01:08 - 000000000 ___RD C:\Users\Palermo\OneDrive
2021-07-05 00:57 - 2020-08-09 13:14 - 000000000 ____D C:\Users\Palermo\AppData\Local\CrashDumps
2021-07-04 08:13 - 2020-08-14 02:54 - 000000000 ___DC C:\WINDOWS\Panther
2021-07-04 08:12 - 2015-07-18 00:38 - 000000000 ____D C:\Users\Palermo\Documents\Semiología
2021-07-04 08:12 - 2012-11-24 02:28 - 000000000 ____D C:\Users\Palermo\Documents\Blog
2021-07-04 07:36 - 2014-05-20 21:05 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-04 07:29 - 2015-06-26 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2021-07-04 07:28 - 2019-04-20 01:42 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-07-03 23:27 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-03 22:28 - 2017-08-24 22:56 - 000000000 ____D C:\Users\Palermo\dwhelper
2021-07-03 06:36 - 2016-05-19 01:24 - 000000000 ____D C:\Users\Palermo\AppData\LocalLow\Temp
2021-07-03 05:57 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-06-29 11:29 - 2020-08-14 04:32 - 000000000 ____D C:\Users\Palermo
2021-06-29 10:16 - 2020-11-10 03:35 - 000000000 ____D C:\Program Files (x86)\Avanquest update
2021-06-28 08:11 - 2014-05-21 19:55 - 000000000 ____D C:\Users\Palermo\AppData\Local\ESET
2021-06-27 12:14 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-27 00:25 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-06-25 20:48 - 2020-08-14 05:00 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-25 20:48 - 2020-08-14 05:00 - 000003528 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-25 10:56 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-25 10:51 - 2017-12-16 17:40 - 000000000 ____D C:\Users\Palermo\AppData\Local\Packages
2021-06-25 01:14 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-25 01:10 - 2014-07-29 21:07 - 000000000 ____D C:\Users\Palermo\AppData\Local\ElevatedDiagnostics
2021-06-25 01:01 - 2020-08-13 19:48 - 000000000 ____D C:\AdwCleaner
2021-06-24 22:09 - 2014-05-20 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-24 22:06 - 2014-05-20 19:37 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-24 20:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-06-24 19:26 - 2016-08-12 23:44 - 000001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-06-24 19:26 - 2016-08-12 23:44 - 000001012 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-06-23 18:36 - 2016-08-13 00:04 - 000000000 ___RD C:\Users\Palermo\Dropbox
2021-06-23 05:18 - 2021-05-18 00:47 - 000000000 ____D C:\Program Files (x86)\ToolBox
2021-06-22 18:34 - 2020-08-14 05:00 - 000004076 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-06-22 18:34 - 2020-08-14 05:00 - 000003844 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-06-16 23:16 - 2020-08-14 04:32 - 000000000 ____D C:\Users\DefaultAppPool
2021-06-16 23:15 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-12 19:38 - 2021-01-22 22:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 17:43 - 2018-03-01 22:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 03:23 - 2020-08-13 21:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2021-06-11 03:23 - 2020-08-13 21:36 - 000000000 ____D C:\WINDOWS\es-MX
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-11 03:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-11 02:33 - 2015-11-09 23:11 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 23:16 - 2014-05-29 14:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 23:11 - 2014-05-29 14:24 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Archivos en la raíz de algunos directorios ========

2014-04-29 21:03 - 2014-04-29 21:03 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-06-25 20:49 - 2016-06-25 20:49 - 000000010 _____ () C:\Users\Palermo\AppData\Roaming\2.1.0.2
2014-06-20 22:48 - 2014-07-07 01:01 - 000000132 _____ () C:\Users\Palermo\AppData\Roaming\Adobe PNG Format CC Prefs
2014-11-03 22:45 - 2021-02-23 11:36 - 000000034 _____ () C:\Users\Palermo\AppData\Roaming\AdobeWLCMCache.dat
2021-06-11 00:03 - 2021-06-11 00:03 - 000321226 ___SH () C:\Users\Palermo\AppData\Roaming\rcbfeff
2020-05-11 22:36 - 2020-05-10 15:31 - 007312986 __RSH () C:\Users\Palermo\AppData\Roaming\Microsoft\CaDeGe.bmeth
2020-05-11 22:36 - 2012-01-29 16:34 - 000885488 __RSH (AutoIt Team) C:\Users\Palermo\AppData\Roaming\Microsoft\cdg.exe
2015-12-18 20:29 - 2015-12-18 20:31 - 000001456 _____ () C:\Users\Palermo\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-03-10 02:53 - 2021-07-08 21:34 - 428392448 _____ () C:\Users\Palermo\AppData\Local\SageThumbs.db3

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Este es el Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 07-07-2021
Ejecutado por Palermo (08-07-2021 21:45:55)
Ejecutado desde C:\Users\Palermo\Desktop
Windows 10 Pro Versión 21H1 19043.1083 (X64) (2020-08-14 10:02:21)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-3621588881-1788917359-2937691248-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621588881-1788917359-2937691248-503 - Limited - Disabled)
Hank (S-1-5-21-3621588881-1788917359-2937691248-1001 - Administrator - Enabled) => C:\Users\Hank
Invitado (S-1-5-21-3621588881-1788917359-2937691248-501 - Limited - Disabled)
Palermo (S-1-5-21-3621588881-1788917359-2937691248-1000 - Administrator - Enabled) => C:\Users\Palermo
WDAGUtilityAccount (S-1-5-21-3621588881-1788917359-2937691248-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
AndreaMosaic version 3.50.0 (HKLM-x32\...\Unyma AndreaMosaic_is1) (Version: 3.50.0 - Unyma)
Apple Application Support (32 bits) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.35 - Avanquest Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
calibre 64bit (HKLM\...\{0185ADA8-A025-46A7-8A5C-7F5C2C000CC5}) (Version: 4.21.0 - Kovid Goyal)
Comprobación de estado de PC Windows (HKLM\...\{BFFB10A0-7987-4AF9-8A03-14ECB01CF235}) (Version: 2.3.2106.25001 - Microsoft Corporation)
DesignTool (HKLM-x32\...\{D11F7FA4-29AA-4D52-BBB4-CA5942DEFEE9}) (Version: 1.0.1.5 - hikvision)
Dropbox (HKLM-x32\...\Dropbox) (Version: 126.4.4618 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.485.1 - Dropbox, Inc.) Hidden
DxO OpticsPro 10 (HKLM\...\{AB1F9A18-4645-48E4-9DA0-58B54A27759C}) (Version: 10.4.2 - DxO)
DxO OpticsPro 10 plug-in for Adobe Lightroom (HKLM-x32\...\{79C97462-1598-48CD-B597-8B3C3C5A20B8}) (Version: 1.0.30 - DxO Labs)
EZ CD Audio Converter [32-bit] (HKLM-x32\...\EZ CD Audio Converter [32-bit]) (Version: 6.0.8 - Poikosoft)
Flip PDF Professional (HKLM-x32\...\Flip PDF Professional_is1) (Version:  - FlipBuilder Solution)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
inPixio Photo Cutter 10 (HKLM-x32\...\inPixio Photo Cutter 10_is1) (Version: 10.4 - inPixio)
inPixio Photo Focus 4 (HKLM-x32\...\{2F2F3446-B605-41EF-9731-BEF9AF245D28}) (Version: 4.0.0 - InPixio)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iResizer 3.0 (HKLM\...\{FD071DBA-2994-4350-93BB-EC245D0D3C74}_is1) (Version:  - teorex)
IsoBuster 4.7 (HKLM-x32\...\IsoBuster_is1) (Version: 4.7 - Smart Projects)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
K-Lite Codec Pack 12.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Luminar 4 (HKLM\...\{283ACD22-38A7-4AED-AB75-222C88E855A0}) (Version: 4.2.0.5577 - Skylum)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Office Profesional Plus 2021 - es-es (HKLM\...\ProPlus2021Volume - es-es) (Version: 16.0.13801.20794 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.21.27702 (HKLM-x32\...\{f4220b74-9edd-4ded-bc8b-0342c1e164d8}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{386881cc-7635-4ec3-aaf3-e28904b27a28}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
MKVCleaver 64 bit (HKLM\...\{32886311-ABB4-45BE-8274-1F53641B2AC7}_is1) (Version: 0.8.0.0 - Ilia Bakhmoutski)
MKVToolNix 33.1.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 33.1.0 - Moritz Bunkus)
Mozilla Firefox 89.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 89.0.2 (x64 es-ES)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 89.0.2.7843 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{A618CE26-1E36-4FA4-A1F4-D079DC6022B8}) (Version: 15.0.09200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nitro Pro (HKLM\...\{58DADE87-307D-4AE5-82AC-76381214D484}) (Version: 11.0.8.470 - Nitro)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Recovery Toolbox for CD Free 2.2 (HKLM-x32\...\Recovery Toolbox for CD Free_is1) (Version:  - File Master LLC)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller 2.2.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.8 - VS Revo Group, Ltd.)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)
Storage and Network Calculator (HKLM-x32\...\{7A370774-A478-4ECD-B19A-C836CDEEE6FE}) (Version: 1.0.0.3 - hikvision)
SyncFolders versión 3.4.527 (HKLM-x32\...\{0B3B4477-CBE0-4131-95D9-E4DE0AC1055F}_is1) (Version: 3.4.527 - G.J. Weerheim)
ThumbsPlus 10 (HKLM-x32\...\{4E3BEDC4-E3A1-4211-875D-38B6B921ADCF}) (Version: 10.1.0.4011 - Cerious Software Inc.) Hidden
ThumbsPlus 10 (HKLM-x32\...\ThumbsPlus 10) (Version:  - Cerious Software)
ToolBox (HKLM-x32\...\ToolBox) (Version:  - )
Topaz Gigapixel AI (HKLM\...\Topaz Gigapixel AI) (Version: 5.2.3 - Topaz Labs LLC)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.8.8.20150402 - Xilisoft)

Packages:
=========
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2020-08-10] (ASUSTeK COMPUTER INC.)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-08-10] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.195.600.0_x86__kgqvnymyfvs32 [2021-06-12] (king.com)
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-09] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-27] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-08-10] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2020-08-09] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3621588881-1788917359-2937691248-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Palermo\Dropbox [2016-08-13 00:04]
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F80} => C:\Program Files (x86)\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2018-01-06] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2017-05-09] (CherubicSoft) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F80} => C:\Program Files (x86)\EZ CD Audio Converter\ezcd64.dll [2016-01-01] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-03-27] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncShell64.dll [2021-07-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-03-27] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2017-07-01 20:52 - 2021-07-08 21:33 - 000027648 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000475648 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000716288 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\sqlite3.dll
2019-07-20 01:51 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2021-06-16 23:14 - 2021-06-16 23:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-06-16 23:14 - 2021-06-16 23:14 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 001519104 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfl340.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 000256000 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfle340.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-19] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2021-07-08 21:30 - 000000030 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Calibre2\;C:\Program Files (x86)\Smart Projects\IsoBuster;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Palermo\Downloads\beatles love songs wallpaper.jpg
HKU\S-1-5-21-3621588881-1788917359-2937691248-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-3621588881-1788917359-2937691248-1000\...\StartupApproved\Run: => "Avanquest Message"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{7F67744C-7C50-4C0B-A38F-C970CB69A8E1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65F12B3A-4611-4C7A-A172-CC8724F970BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{572A2F73-0DA8-432D-9BA7-64FB39B355D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FFDA5C9D-52ED-4FEE-BE44-AF216F6F010A}C:\program files (x86)\toolbox\mintray.exe] => (Allow) C:\program files (x86)\toolbox\mintray.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{BEC0895F-2590-4FEE-95D1-21D54610966F}C:\program files (x86)\toolbox\mintray.exe] => (Allow) C:\program files (x86)\toolbox\mintray.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{645DE36F-457A-4078-8585-59D0E7E3395F}C:\program files (x86)\toolbox\toolbox.exe] => (Allow) C:\program files (x86)\toolbox\toolbox.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{0A2F4123-611E-4B9B-A54C-B6AC04EFC90D}C:\program files (x86)\toolbox\toolbox.exe] => (Allow) C:\program files (x86)\toolbox\toolbox.exe () [Archivo no firmado]
FirewallRules: [{88C255AF-C95D-495E-A715-8C8FCF58603C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8095C83E-BF4B-4401-B25C-FF6E221ECEE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1E94B61-B88E-4168-81A4-9F8B8C81AAF4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{98A0A090-C1A4-4FD5-BF3F-70280D2A75E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5758FCEB-AC75-4C35-B55B-320D1D541C05}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Puntos de Restauración =========================

07-07-2021 02:10:27 Punto de control programado
08-07-2021 08:13:02 Instalador de Módulos de Windows
08-07-2021 08:17:57 Instalador de Módulos de Windows
08-07-2021 08:19:57 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (07/08/2021 09:38:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.

Error: (07/08/2021 09:38:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.

Error: (07/08/2021 08:53:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.

Error: (07/08/2021 08:53:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.

Error: (07/08/2021 08:51:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.

Error: (07/08/2021 08:51:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.

Error: (07/08/2021 08:29:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.

Error: (07/08/2021 08:29:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\ThumbsPlus 10\Bin\Thumbs10.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_a86919ea866f7777.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1083_none_60bbe31371f34e71.manifest.


Errores del sistema:
=============
Error: (07/08/2021 09:33:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio WMPNetworkSvc se cerró con el siguiente error: 
Se intentó hacer referencia a un token que no existe.

Error: (07/08/2021 10:16:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio WMPNetworkSvc se cerró con el siguiente error: 
Se intentó hacer referencia a un token que no existe.

Error: (07/08/2021 10:15:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio ClickToRunSvc.

Error: (07/08/2021 09:39:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio WMPNetworkSvc se cerró con el siguiente error: 
Se intentó hacer referencia a un token que no existe.

Error: (07/08/2021 09:35:14 AM) (Source: DCOM) (EventID: 10010) (User: Palermo-PC)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/08/2021 09:35:14 AM) (Source: DCOM) (EventID: 10010) (User: Palermo-PC)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/08/2021 09:35:14 AM) (Source: DCOM) (EventID: 10010) (User: Palermo-PC)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/08/2021 09:35:14 AM) (Source: DCOM) (EventID: 10010) (User: Palermo-PC)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2021-06-24 19:25:17
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Palermo\AppData\Local\Temp\73C0.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.341.1385.0, AS: 1.341.1385.0, NIS: 1.341.1385.0
Versión de motor: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-24 19:25:09
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Caynamer.A!ml&threatid=2147749819&enterprise=0
Nombre: Trojan:Win32/Caynamer.A!ml
Id.: 2147749819
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Palermo\AppData\Local\Temp\7E9E.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.341.1385.0, AS: 1.341.1385.0, NIS: 1.341.1385.0
Versión de motor: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-24 19:25:09
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/AgentTesla!ml&threatid=2147760503&enterprise=0
Nombre: Trojan:Win32/AgentTesla!ml
Id.: 2147760503
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Palermo\AppData\Local\Temp\73C0.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Palermo\AppData\Local\Temp\73C0.exe
Versión de inteligencia de seguridad: AV: 1.341.1385.0, AS: 1.341.1385.0, NIS: 1.341.1385.0
Versión de motor: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-24 19:24:10
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Azorult.RTH!MTB&threatid=2147781431&enterprise=0
Nombre: Trojan:Win32/Azorult.RTH!MTB
Id.: 2147781431
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Palermo\AppData\Local\Microsoft\Windows\INetCache\IE\DAWUDS58\file3[1].bmp; file:_C:\Users\Palermo\AppData\Local\Temp\E21D.exe; file:_C:\Users\Palermo\Documents\b5XnlM1zR0oT_D39trK5YW0t.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: Palermo-PC\Palermo
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.341.1385.0, AS: 1.341.1385.0, NIS: 1.341.1385.0
Versión de motor: AM: 1.1.18300.4, NIS: 1.1.18300.4

Date: 2021-06-24 19:24:07
Description: 
Antivirus de Microsoft Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:Win32/Racealer.GKM!MTB&threatid=2147774296&enterprise=0
Nombre: PWS:Win32/Racealer.GKM!MTB
Id.: 2147774296
Gravedad: Grave
Categoría: Programa de interceptación de contraseñas
Ruta de acceso: process:_pid:10080,ProcessStart:132690542135009879
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Palermo\AppData\Local\Temp\D470.exe
Versión de inteligencia de seguridad: AV: 1.341.1385.0, AS: 1.341.1385.0, NIS: 1.341.1385.0
Versión de motor: AM: 1.1.18300.4, NIS: 1.1.18300.4

CodeIntegrity:
===============
Date: 2021-06-25 16:21:45
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-06-25 10:56:33
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 0704 12/02/2013
Placa base: ASUSTeK COMPUTER INC. H87M-PLUS
Procesador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Porcentaje de memoria en uso: 52%
RAM física total: 8064.59 MB
RAM física disponible: 3870.5 MB
Virtual total: 16256.59 MB
Virtual disponible: 12021.11 MB

==================== Unidades ================================

Drive c: (DRIVE_C) (Fixed) (Total:930.9 GB) (Free:40.8 GB) NTFS

\\?\Volume{a48659ed-e007-11e3-9364-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e9e48e82-0000-0000-0000-b0bfe8000000}\ () (Fixed) (Total:0.52 GB) (Free:0.05 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E9E48E82)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=529 MB) - (Type=27)

==================== Final de Addition.txt =======================

Y este es el reporte del FSS.txt

Farbar Service Scanner Version: 23-12-2020
Ran by Palermo (administrator) on 08-07-2021 at 22:59:19
Running from "C:\Users\Palermo\Desktop"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Windows Security:
============

SecurityHealthService Service is not running. Checking service configuration:
Checking Start type of SecurityHealthService: ATTENTION!=====> Unable to open SecurityHealthService registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open SecurityHealthService registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv: "%systemroot%\system32\svchost.exe -k netsvcs -p".
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type of WinDefend: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy: 
==========================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\SecurityHealthService.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Saludos!

Hola @eoropesa

Estoy analizando detenidamente tus reportes, vuelvo en cuanto tenga suficiente información.

Saludos.

Ok, empecemos por aquí.

Ejecuta Farbar Service Scan nuevamente.

  • En el recuadro blanco escribes tal cual:
*MsMpEng*
  • Presiona el botón Search Files
  • Cuando termine con la búsqueda se guardara un reporte en el escritorio llamado search.txt. Pega su contenido en tu próxima respuesta.

Saludos.

Hola espero estés bien.

Este es el reporte de Farbar Service Scanner solicitado (solo con la casilla de Internet Services habilitada, espero sea lo correcto), y la instrucción “MsMpEng

Farbar Service Scanner Version: 23-12-2020
Ran by Palermo (administrator) on 09-07-2021 at 18:44:40
Microsoft Windows 10 Pro  (X64)

************************************************
======== Search: "*MsMpEng*" =========

C:\Windows\WinSxS\Backup\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7_msmpeng.exe_2f1c6923
[2021-01-15 01:59] - [2021-06-24 21:48] - 0047136 ____A () 17F87BF66CF2C1AE31BD5C7674E0621E

C:\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7\MsMpEng.exe
[2019-12-07 04:08] - [2019-12-07 04:08] - 0103384 ____A (Microsoft Corporation) CA2DE21D04A42228B707ABCE64EBBC8B

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1083.1.1\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7\r\msmpeng.exe
[2021-07-08 09:27] - [2021-06-10 05:58] - 0000135 ____N () 625D5D84394C346A8A69A93D9F75FA49

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1083.1.1\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7\f\msmpeng.exe
[2021-07-08 09:27] - [2021-06-10 05:58] - 0000135 ____N () 625D5D84394C346A8A69A93D9F75FA49

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1052.1.13\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7\r\msmpeng.exe
[2021-06-10 23:36] - [2021-06-05 17:31] - 0000135 ____A () EEA2410695B12E8AB92301AC03ED4C96

C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1052.1.13\amd64_windows-defender-service_31bf3856ad364e35_10.0.19041.746_none_a39f6d9ab59bd8b7\f\msmpeng.exe
[2021-06-10 23:36] - [2021-06-05 17:31] - 0000135 ____A () 625D5D84394C346A8A69A93D9F75FA49

C:\Users\All Users\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
[2021-06-12 17:43] - [2021-06-12 17:43] - 0136656 ____A (Microsoft Corporation) CECD78F3EE9D8D5CDB381F3C60AE8B1A

C:\Users\All Users\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
[2021-06-05 14:56] - [2021-06-05 14:56] - 0136656 ____A (Microsoft Corporation) D91560EB4B19EAA1C3471BAB96DC9652

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
[2021-06-12 17:43] - [2021-06-12 17:43] - 0136656 ____A (Microsoft Corporation) CECD78F3EE9D8D5CDB381F3C60AE8B1A

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
[2021-06-05 14:56] - [2021-06-05 14:56] - 0136656 ____A (Microsoft Corporation) D91560EB4B19EAA1C3471BAB96DC9652

C:\Program Files\Windows Defender\MsMpEng.exe
[2019-12-07 04:08] - [2019-12-07 04:08] - 0103384 ____A (Microsoft Corporation) CA2DE21D04A42228B707ABCE64EBBC8B

====== End Of Search ======

Quedo en espera. Mil gracias como siempre, :slight_smile:

Estoy analizando todos tus reportes, en cuanto acabe la laboriosa tarea vuelvo con los siguientes pasos a seguir.

Saludos.

Aprecio mucho tu trabajo e interés!! Hoy saldré de la ciudad y regreso mañana. Estaré al tanto de las indicaciones. Un abrazo y buen fin de semana.

1 me gusta

Un saludo de nuevo @eoropesa , espero que vaya todo genial.

Te indico los pasos a seguir:

1.- Abre un bloc de notas, copia y pega este script:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Task: {51818694-2B12-40B4-AAC8-F0E38A193C9E} - System32\Tasks\{9C368EE6-9637-491B-B655-2342D7F80F9E} => D:\DEMOCOLE\DEMOCOLE.EXE
D:\DEMOCOLE\DEMOCOLE.EXE
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"Description"="@%systemroot%\\system32\\SecurityHealthAgent.dll,-1001"
"DisplayName"="@%systemroot%\\system32\\SecurityHealthAgent.dll,-1002"
"ErrorControl"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,\
  00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,48,00,65,00,61,00,6c,00,74,00,\
  68,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,\
  00
"LaunchProtected"=dword:00000002
"ObjectName"="LocalSystem"
"RequiredPrivileges"=hex(7):53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,\
  00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
  65,00,00,00,53,00,65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,\
  00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,\
  74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,\
  00,00,00,53,00,65,00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,\
  69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,\
  00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,\
  6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,\
  00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
  53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,\
  00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,\
  6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,\
  00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,79,00,73,00,\
  74,00,65,00,6d,00,45,00,6e,00,76,00,69,00,72,00,6f,00,6e,00,6d,00,65,00,6e,\
  00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,53,00,68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"ServiceSidType"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000010

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security]
"Security"=hex:01,00,14,80,1c,01,00,00,28,01,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,ec,00,08,00,00,00,00,00,18,00,9d,00,02,00,01,02,00,00,00,00,00,\
  05,20,00,00,00,21,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,\
  12,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
  02,00,00,00,00,14,00,9d,00,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,\
  14,00,9d,00,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,fd,01,02,\
  00,01,06,00,00,00,00,00,05,50,00,00,00,e5,fe,79,5f,a0,ae,0d,3b,22,fa,0a,c9,\
  01,5a,41,3a,e5,a6,4a,b7,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,\
  00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,00,\
  28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,00,00,00,db,8c,74,0f,c2,72,73,\
  f3,2b,26,b9,44,77,1e,4f,02,76,63,b5,21,01,01,00,00,00,00,00,05,12,00,00,00,\
  01,01,00,00,00,00,00,05,12,00,00,00
EndRegedit:

StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend]
"DisplayName"="@%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-310"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
  6d,00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,\
  00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,\
  65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,50,00,6c,00,61,00,74,00,66,\
  00,6f,00,72,00,6d,00,5c,00,34,00,2e,00,31,00,38,00,2e,00,32,00,31,00,30,00,\
  35,00,2e,00,35,00,2d,00,30,00,5c,00,4d,00,73,00,4d,00,70,00,45,00,6e,00,67,\
  00,2e,00,65,00,78,00,65,00,22,00,00,00
"Start"=dword:00000002
"Type"=dword:00000010
"Description"="@%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-240"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,4c,00,6f,00,61,00,64,00,44,00,72,00,69,\
  00,76,00,65,00,72,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,\
  00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,74,00,6f,00,72,00,\
  65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,\
  00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
  67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,\
  00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
  65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,\
  68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,\
  73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,\
  50,00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,\
  63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,\
  00,65,00,53,00,79,00,73,00,74,00,65,00,6d,00,45,00,6e,00,76,00,69,00,72,00,\
  6f,00,6e,00,6d,00,65,00,6e,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00
"LaunchProtected"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\Security]
"Security"=hex:01,00,14,80,f4,00,00,00,00,01,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,c4,00,07,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,\
  05,20,00,00,00,21,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,\
  12,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
  02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,\
  14,00,9d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,ff,01,0f,\
  00,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,\
  57,00,77,6e,c0,02,64,87,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,\
  00,00,00,bf,55,08,72,3b,e0,28,d0,89,79,4b,f8,91,89,6e,7c,40,25,ec,f4,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
EndRegedit:

CMD: WMIC SERVICE WHERE Name="WinDefend" set startmode="auto" 
CMD: net start WinDefend
CMD: WMIC SERVICE WHERE Name="SecurityHealthService" set startmode="auto" 
CMD: net start SecurityHealthService

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
  • Ve a Archivo y selecciona Guardar Como.
  • En la parte de Códificación elige Unicode o UTF8 según le de la opción.
  • Guardalo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

Igualmente, FRST.EXE debe seguir estando ubicado en el escritorio. IMPORTANTE.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Ahora, sigue estos pasos:

1.- Ejecutas de nuevo FRST.EXE (click derecho → ejecutar como administrador).

2.- Haz clic en Fix/Corregir. OJO: No hagas nada con el PC, ni trates de apagarlo aunque aparente quedarse colgado. Simplemente espera a que termine.

3.- Una vez terminado, en tu escritorio aparecerá fixlog.txt.

4.- Reinicia el PC.

5.- Próxima respuesta: contenido del fichero fixlog.txt y comentario sobre el problema con Windows Defender (si se ha resuelto, sigue igual…).

Saludos.

1 me gusta

Hola Pablo Gusto en saludarte

Te cuento que ya por fin funciona el Windows defender!!!

Te mando el resultado de Fixlog.txt Y ya me comentarás si ves algo raro.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 11-07-2021
Ejecutado por Palermo (11-07-2021 20:25:05) Run:3
Ejecutado desde C:\Users\Palermo\Desktop
Perfiles cargados: Palermo & Hank
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Task: {51818694-2B12-40B4-AAC8-F0E38A193C9E} - System32\Tasks\{9C368EE6-9637-491B-B655-2342D7F80F9E} => D:\DEMOCOLE\DEMOCOLE.EXE
D:\DEMOCOLE\DEMOCOLE.EXE
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"Description"="@%systemroot%\\system32\\SecurityHealthAgent.dll,-1001"
"DisplayName"="@%systemroot%\\system32\\SecurityHealthAgent.dll,-1002"
"ErrorControl"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
  74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,53,\
  00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,48,00,65,00,61,00,6c,00,74,00,\
  68,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,2e,00,65,00,78,00,65,00,00,\
  00
"LaunchProtected"=dword:00000002
"ObjectName"="LocalSystem"
"RequiredPrivileges"=hex(7):53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,\
  00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
  65,00,00,00,53,00,65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,\
  00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,\
  74,00,6f,00,72,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,\
  00,00,00,53,00,65,00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,\
  69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,\
  00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,\
  6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,\
  00,74,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\
  53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,50,00,72,00,69,00,6d,00,61,\
  00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,00,72,00,69,00,76,00,69,00,\
  6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,\
  00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,79,00,73,00,\
  74,00,65,00,6d,00,45,00,6e,00,76,00,69,00,72,00,6f,00,6e,00,6d,00,65,00,6e,\
  00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,53,00,68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,50,00,72,00,69,00,76,\
  00,69,00,6c,00,65,00,67,00,65,00,00,00,00,00
"ServiceSidType"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000010

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security]
"Security"=hex:01,00,14,80,1c,01,00,00,28,01,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,ec,00,08,00,00,00,00,00,18,00,9d,00,02,00,01,02,00,00,00,00,00,\
  05,20,00,00,00,21,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,\
  12,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
  02,00,00,00,00,14,00,9d,00,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,\
  14,00,9d,00,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,fd,01,02,\
  00,01,06,00,00,00,00,00,05,50,00,00,00,e5,fe,79,5f,a0,ae,0d,3b,22,fa,0a,c9,\
  01,5a,41,3a,e5,a6,4a,b7,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,\
  00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,57,00,77,6e,c0,02,64,87,00,00,\
  28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,00,00,00,db,8c,74,0f,c2,72,73,\
  f3,2b,26,b9,44,77,1e,4f,02,76,63,b5,21,01,01,00,00,00,00,00,05,12,00,00,00,\
  01,01,00,00,00,00,00,05,12,00,00,00
EndRegedit:

StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend]
"DisplayName"="@%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-310"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
  6d,00,44,00,61,00,74,00,61,00,5c,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,\
  00,66,00,74,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,44,00,\
  65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,50,00,6c,00,61,00,74,00,66,\
  00,6f,00,72,00,6d,00,5c,00,34,00,2e,00,31,00,38,00,2e,00,32,00,31,00,30,00,\
  35,00,2e,00,35,00,2d,00,30,00,5c,00,4d,00,73,00,4d,00,70,00,45,00,6e,00,67,\
  00,2e,00,65,00,78,00,65,00,22,00,00,00
"Start"=dword:00000002
"Type"=dword:00000010
"Description"="@%ProgramFiles%\\Windows Defender\\MpAsDesc.dll,-240"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00
"ObjectName"="LocalSystem"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,4c,00,6f,00,61,00,64,00,44,00,72,00,69,\
  00,76,00,65,00,72,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
  00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,\
  00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,\
  65,00,42,00,61,00,63,00,6b,00,75,00,70,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,52,00,65,00,73,00,74,00,6f,00,72,00,\
  65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,\
  00,44,00,65,00,62,00,75,00,67,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
  67,00,65,00,00,00,53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,00,6f,\
  00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,\
  65,00,00,00,53,00,65,00,53,00,65,00,63,00,75,00,72,00,69,00,74,00,79,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,53,00,\
  68,00,75,00,74,00,64,00,6f,00,77,00,6e,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6e,00,63,00,72,00,65,00,61,00,\
  73,00,65,00,51,00,75,00,6f,00,74,00,61,00,50,00,72,00,69,00,76,00,69,00,6c,\
  00,65,00,67,00,65,00,00,00,53,00,65,00,41,00,73,00,73,00,69,00,67,00,6e,00,\
  50,00,72,00,69,00,6d,00,61,00,72,00,79,00,54,00,6f,00,6b,00,65,00,6e,00,50,\
  00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,54,00,\
  63,00,62,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,\
  00,65,00,53,00,79,00,73,00,74,00,65,00,6d,00,45,00,6e,00,76,00,69,00,72,00,\
  6f,00,6e,00,6d,00,65,00,6e,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,\
  00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
  00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00
"LaunchProtected"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend\Security]
"Security"=hex:01,00,14,80,f4,00,00,00,00,01,00,00,14,00,00,00,30,00,00,00,02,\
  00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,c4,00,07,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,\
  05,20,00,00,00,21,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,\
  12,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\
  02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,00,\
  14,00,9d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,28,00,ff,01,0f,\
  00,01,06,00,00,00,00,00,05,50,00,00,00,b5,89,fb,38,19,84,c2,cb,5c,6c,23,6d,\
  57,00,77,6e,c0,02,64,87,00,00,28,00,ff,01,0f,00,01,06,00,00,00,00,00,05,50,\
  00,00,00,bf,55,08,72,3b,e0,28,d0,89,79,4b,f8,91,89,6e,7c,40,25,ec,f4,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
EndRegedit:

CMD: WMIC SERVICE WHERE Name="WinDefend" set startmode="auto" 
CMD: net start WinDefend
CMD: WMIC SERVICE WHERE Name="SecurityHealthService" set startmode="auto" 
CMD: net start SecurityHealthService

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
EmptyTemp:
End
*****************

SystemRestore: On => Error -> 4%
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51818694-2B12-40B4-AAC8-F0E38A193C9E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51818694-2B12-40B4-AAC8-F0E38A193C9E}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{9C368EE6-9637-491B-B655-2342D7F80F9E} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9C368EE6-9637-491B-B655-2342D7F80F9E}" => eliminado correctamente
"D:\DEMOCOLE\DEMOCOLE.EXE" => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
Registro ====> La operaci�n se complet� correctamente.

Registro ====> La operaci�n se complet� correctamente.


========= WMIC SERVICE WHERE Name="WinDefend" set startmode="auto" =========

No hay instancias disponibles.


========= Final de CMD: =========


========= net start WinDefend =========

El nombre de servicio no es v lido.

Puede obtener m s ayuda con el comando NET HELPMSG 2185.


========= Final de CMD: =========


========= WMIC SERVICE WHERE Name="SecurityHealthService" set startmode="auto" =========

No hay instancias disponibles.


========= Final de CMD: =========


========= net start SecurityHealthService =========

El nombre de servicio no es v lido.

Puede obtener m s ayuda con el comando NET HELPMSG 2185.


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::550a:7e1:f2e6:7fad%7
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.5
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 19423232 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 141464545 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3060507 B
Edge => 0 B
Firefox => 1132877137 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 888 B
systemprofile32 => 888 B
LocalService => 15686 B
NetworkService => 25740 B
Palermo => 29524400 B
Hank => 29524400 B
DefaultAppPool => 29524400 B

RecycleBin => 77390219 B
EmptyTemp: => 1.4 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 20:32:21 ====

HIce un escaneo won el Windows defender y no reportó ningún problema. Solo quería comentarte que encontré una lista de esclusiones dentro de este programa que me pareció un poco rara. Te la envío por si tienes alguna observación.

Exclusiones

Muchísimas gracias como siempre por tu apoyo e interés.

1 me gusta

Un saludo @eoropesa , me alegro de que se haya resuelto el problema.

Respecto a las exclusiones de Windows Defender, salvo que alguna la hayas añadido tú a mano de forma consciente, las eliminas todas.

Genial, te lo iba a pedir, así que perfecto :ok_hand: No obstante, por seguridad, repítelo ya con las exclusiones eliminadas.

Si tienes alguna duda más, coméntamela sin problema. De momento, yo voy a empezar con los pasos para limpiar tu PC de todas las herramientas que hemos utilizado.

DelFix

Descargue esta pequeña utilidad desde esta web (a la derecha, haciendo scroll, está el botón Descargar Programa): DelFix | InfoSpyware

Ejecútalo, marca las casillas que se ven marcadas con :white_check_mark: en esta captura:

Luego, pulsa Run. Cuando acabe, sube el reporte generado.

Lo que NO elimina DelFix

DelFix no elimina todas las herramientas que hemos utilizado.

1.- Malwarebytes

Si no quieres tenerlo instalado, desinstálalo con Revo Uninstaller, tal y como se explica en su manual: Manual de Revo Uninstaller

También puedes dejarlo instalado, con protección residente si pagas una licencia Premium o como análisis manual para cuando lo desees en edición “Free”. Es tu decisión.

2.- KVRT

Simplemente tienes que eliminar el archivo.

3.- Revo Uninstaller

Finalmente, puedes ir al panel de control y quitarlo. Personalmente, te recomiendo mantenerlo para las futuras desinstalaciones que hagas de programas.

Creo que no me dejo nada en el tintero, pero repito, cualquier duda, coméntala sin problemas. Además, no olvides subir el reporte de DelFix.

Por último, si ya no tienes dudas, sugerencias, quejas… te pido que vayas a la respuesta que más se haya acercado a la solución definitiva y marques el tema como solucionado, como se indica en la siguiente imagen:

Saludos.

Muchas gracias por confiar en ForoSpyware, estaremos encantados de ayudarte en futuros problemas que puedas tener.

1 me gusta

Hola Pablo :slight_smile:

Eliminé todas las exclusiones y corrí nuevamente el Windows Defender y nuevamente no se reportaron amenzas.

Este es el reporte de DelFix:

# DelFix v1.010 - Logfile created 13/07/2021 at 10:34:09
# Updated 26/04/2015 by Xplode
# Username : Palermo - PALERMO-PC
# Operating System : Windows 10 Enterprise  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Palermo\Desktop\FRST-OlderVersion
Deleted : C:\Users\Palermo\Desktop\Addition.txt
Deleted : C:\Users\Palermo\Desktop\adwcleaner_8.0.7.exe
Deleted : C:\Users\Palermo\Desktop\adwcleaner_8.2.exe
Deleted : C:\Users\Palermo\Desktop\Fixlog.txt
Deleted : C:\Users\Palermo\Desktop\FRST.txt
Deleted : C:\Users\Palermo\Desktop\FRST64.exe
Deleted : C:\Users\Palermo\Desktop\FSS.exe
Deleted : C:\Users\Palermo\Desktop\FSS.txt
Deleted : C:\Users\Public\Desktop\MKVCleaver 64 bit.lnk
Deleted : C:\Users\Palermo\Downloads\adwcleaner_8.0.7.exe
Deleted : C:\Users\Palermo\Downloads\FRSTEnglish.exe

~ Cleaning system restore ...

Deleted : RP #64 [Punto de control programado | 07/07/2021 07:10:27]
Deleted : RP #65 [Instalador de Módulos de Windows | 07/08/2021 13:13:02]
Deleted : RP #66 [Instalador de Módulos de Windows | 07/08/2021 13:17:57]
Deleted : RP #67 [Instalador de Módulos de Windows | 07/08/2021 13:19:57]

New restore point created !

########## - EOF - ##########

Te agradezco inifinitamente tu apoyo, interés y paciencia. Fue un largo proceso pero me llevaste maravillosamente de la mano con pasos conservadores y finalmente efectivos. Te mando un abrazo, mi reconocimiento y respeto.

Saludos!

1 me gusta

Hola de nuevo.

DelFix ha trabajado como debe y veo que no tienes más dudas. Por tanto, tema finalizado. Gracias de nuevo por confiar en el foro.

Saludos, hasta la próxima :handshake:

2 Me gusta

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.