Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 01.04.2024 01 Ejecutado por USUARIO (01-04-2024 22:38:46) Run:5 Ejecutado desde C:\Users\USUARIO\Desktop Perfiles cargados: USUARIO Modo de Inicio: Normal ============================================== fixlist contenido: ***************** Start:: SystemRestore: On CreateRestorePoint: CloseProcesses: Unlock: C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll VirusTotal: C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll VirusTotal: C:\Users\USUARIO\Downloads\kucc1siq.exe VirusTotal: C:\Users\USUARIO\Downloads\yehly8hb.exe Folder: C:\ProgramData\MappingDevice Folder: C:\tools\kernrate Folder: C:\tools File: C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll File: C:\Users\USUARIO\Downloads\yehly8hb.exe File: C:\Users\USUARIO\Downloads\kucc1siq.exe HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricci�n <==== ATENCI�N HKLM\SOFTWARE\Policies\Microsoft\MRT: Restricci�n <==== ATENCI�N HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2023-05-04] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\4.1.321\SSScheduler.exe (McAfee, LLC -> McAfee, LLC) Task: {BF16F8AC-C3FD-470F-97B0-3B715C394B3D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\sspifrwnh => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe [53248 2018-09-13] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\MappingDevice\MailSxropce\/U C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll C:\ProgramData\MappingDevice HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricci�n <==== ATENCI�N U4 dmwappushservice; no ImagePath WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] AlternateDataStreams: C:\ProgramData\TEMP:CB2A6156 [194] CMD: ipconfig /flushdns CMD: ipconfig /renew CMD: bitsadmin /reset /allusers CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset RemoveProxy: EmptyTemp: Hosts: End:: ***************** SystemRestore: On => completado El punto de restauración fue creado correctamente. Procesos cerrados correctamente. "C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll" => fue desbloqueado VirusTotal: C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll => Error: Ninguna corrección automática encontrada para esta entrada. VirusTotal: C:\Users\USUARIO\Downloads\kucc1siq.exe => Error: Ninguna corrección automática encontrada para esta entrada. VirusTotal: C:\Users\USUARIO\Downloads\yehly8hb.exe => Error: Ninguna corrección automática encontrada para esta entrada. ========================= Folder: C:\ProgramData\MappingDevice ======================== 2021-08-29 22:49 - 2021-08-29 22:49 - 001061608 ____A [B192F34D99421DC3207F2328FFE62BD0] (Beijing Qihu Technology Co., Ltd. -> 360.cn) C:\ProgramData\MappingDevice\360Base.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 002202208 ____A [DF3015F6E4A57C482D1D4CF95E8B490E] (QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\ProgramData\MappingDevice\360Central.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001448448 ____A [14C6B4BBD31F6FD13530BC941CC71D1A] (Beijing Qihu Technology Co., Ltd. -> 360.cn) C:\ProgramData\MappingDevice\360NetBase.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 001049856 ____A [61D9783B5A1E4B01A737D4A2E4E4C776] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\360SkinView.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001316864 ____A [0E19576ED0876D7C2C4D4EB941B0BE43] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\BrowseringProtection.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001805704 ____A [8E11B5C3C4E619ED4AEE8FF75FCBB9D8] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\FeedBack.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001957888 ____A [22E135B3B8E6339132A5EEAF2C46FCB8] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\GameBooster.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001834592 ____A [F791B56733B56B97132351F7DEDA4297] (QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\ProgramData\MappingDevice\HomeRouterMgr.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001718504 ____A [2D5302155B58CFA9CD5DD0DF2AE69A7F] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\LargeFileFinder.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000878295 ____A [2BE88EAE01177E87F72901B0E1602561] () C:\ProgramData\MappingDevice\libleak.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 001426528 ____A [6E10B7D97CE3A8DA723C80B5C187077B] (QIHU 360 SOFTWARE CO. LIMITED -> QIHU 360 SOFTWARE CO. LIMITED) C:\ProgramData\MappingDevice\MedalWall.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 002144736 ____A [74B8784462B855339BC446A1FEBE8B47] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\QHAccount.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 001208384 ____A [BB7275057B8024A57D701CF9534E8CCB] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\QHFileSmasher.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000458752 ____A [96E6BAB20CB5A82BDD221726B2CD8D10] () [Archivo no firmado] C:\ProgramData\MappingDevice\QHSafeMain.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\MappingDevice\MailSxropce 2021-08-29 22:49 - 2021-08-29 22:49 - 000686592 ____A [94467CAE7CF2FD31C90AA8D4713E506F] () C:\ProgramData\MappingDevice\MailSxropce\~WRA2043.wbk 2021-08-29 22:49 - 2021-08-29 22:49 - 000582301 ____A [C65CB8D307004939FBEDA7D995F82394] () C:\ProgramData\MappingDevice\MailSxropce\2024-02-03 17-51-55.csv.gz 2021-08-29 22:49 - 2021-08-29 22:49 - 000015337 ____A [4ADD6D2834BB9CD3C00243F068341A3D] () C:\ProgramData\MappingDevice\MailSxropce\2024-02-03 17-51-55.txt 2021-08-29 22:49 - 2021-08-29 22:49 - 000064395 ____A [58E923EBB24F6F2CF76DC1F6D00537E9] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20231102.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000062489 ____A [36BBECD059A48A7BAE0C39B89EF7CEB1] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20231116.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000063936 ____A [C91E64DB2FA3D9BBDF8D3282416DEB5F] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20231130.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000013773 ____A [D53318E25EE724C5B360A22AB5B78E76] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20231215.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000063116 ____A [1956524147ECA3678D3BC0D4ACA0DA24] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20231216.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000061518 ____A [84E05F4573FCB7D7F8E1358E483FA428] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20240102.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000063425 ____A [D18F7FB23DC0FD541F11392DCBA94D05] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20240117.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000061783 ____A [8CC55E702AF47089908F2B96B9D57101] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20240131.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000063857 ____A [9F65EE2720A5339178625A00DF3EF89E] () C:\ProgramData\MappingDevice\MailSxropce\360DrvMgr_20240215.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000085156 ____A [CDAFEE6D8F541D9721BB5D039729B8E5] () C:\ProgramData\MappingDevice\MailSxropce\360note.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000004940 ____A [FAE24F818A5721A020BE0C6CCCDE118C] () C:\ProgramData\MappingDevice\MailSxropce\360rcbase.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 001768680 ____A [F5DF8943BAB4C0CFB57959F0DEDEFB19] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\MailSxropce\360TsLiveUpd.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000484921 ____A [6612F5B113E968FE50C94FBFECAEC2A0] () C:\ProgramData\MappingDevice\MailSxropce\360wd.log 2021-08-29 22:49 - 2021-08-29 22:49 - 000026144 ____A [84520F4EE77A68D271155D01EA304881] (Mozilla Corporation -> Mozilla Foundation) C:\ProgramData\MappingDevice\MailSxropce\AccessibleMarshal.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018744 ____A [502263C56F931DF8440D7FD2FA7B7C00] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-console-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [CB978304B79EF53962408C611DFB20F5] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-datetime-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [6D778E83F74A4C7FE4C077DC279F6867] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-errorhandling-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000021816 ____A [94AE25C7A5497CA0BE6882A00644CA64] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-file-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [E2F648AE40D234A3892E1455B4DBBE05] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-file-l1-2-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [E479444BDD4AE4577FD32314A68F5D28] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-file-l2-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [6DB54065B33861967B491DD1C8FD8595] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-handle-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018744 ____A [D0873E21721D04E20B6FFB038ACCF2F1] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-libraryloader-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000020792 ____A [EFF11130BFE0D9C90C0026BF2FB219AE] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-localization-l1-2-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018744 ____A [D500D9E24F33933956DF0E26F087FD91] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-memory-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000019248 ____A [5F73A814936C8E7E4A2DFD68876143C8] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-processenvironment-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000019392 ____A [A2D7D7711F9C0E3E065B2929FF342666] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-processthreads-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000017720 ____A [FDBA0DB0A1652D86CD471EAA509E56EA] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-rtlsupport-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000018232 ____A [12CC7D8017023EF04EBDD28EF9558305] (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\MappingDevice\MailSxropce\api-ms-win-core-string-l1-1-0.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000010428 ____A [07B61ED842256CC9B445311BF61C59C7] () C:\ProgramData\MappingDevice\MailSxropce\Excel15.xlb 2021-08-29 22:49 - 2021-08-29 22:49 - 000591592 ____A [E12C9319237EAFB34F2BECEF00273561] (Beijing Qihu Technology Co., Ltd. -> 360.cn) C:\ProgramData\MappingDevice\MailSxropce\FastAnimation.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000217004 ____A [AF272B1AAB75BFAF5C7D2AABB4E121B0] () C:\ProgramData\MappingDevice\MailSxropce\fbc50BE.tmp 2021-08-29 22:49 - 2021-08-29 22:49 - 000473600 ____A [A67373DF45C84B087B597CC7DD01D74E] () C:\ProgramData\MappingDevice\MailSxropce\Guardado con Autorrecuperación de Gestión del riesgo de desastres - Identificación y caracteriazción del riesgo.asd 2021-08-29 22:49 - 2021-08-29 22:49 - 001428992 ____A [5A7BADA67962AD91D0E7E1F2A64F7763] () C:\ProgramData\MappingDevice\MailSxropce\Guardado con Autorrecuperación de MÉTODOS - ACTIVIDAD final.asd 2021-08-29 22:49 - 2021-08-29 22:49 - 011951616 ____A [F8A82E15E42AC1C2710AD809D905C3F1] () C:\ProgramData\MappingDevice\MailSxropce\Guardado con Autorrecuperación de Plan de Gestion del Riesgo de Desastres - PTAP Palacé.asd 2021-08-29 22:49 - 2021-08-29 22:49 - 000540184 ____A [0309CAC042ABA2FECBACD07902E2F3F5] (Corporation for Digital Scholarship -> Corporation for Digital Scholarship) C:\ProgramData\MappingDevice\MailSxropce\helper.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000009944 ____A [737FD66731DCF170E901DA0D2DB28523] () C:\ProgramData\MappingDevice\MailSxropce\ibmtsoftKET16.amb 2021-08-29 22:49 - 2021-08-29 22:49 - 000011055 ____A [9F0A75C480E41F33D09688A0412B9B86] () C:\ProgramData\MappingDevice\MailSxropce\image.jpg 2021-08-29 22:49 - 2021-08-29 22:49 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\ProgramData\MappingDevice\MailSxropce\JyttvurePN0223.num 2021-08-29 22:49 - 2021-08-29 22:49 - 000688586 ____A [BE7B4369EA04B55C4CF42FB3ACEF90D0] () C:\ProgramData\MappingDevice\MailSxropce\leakrepair.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000013503 ____A [78E1AABE659CDBF4696809D3AD4CA7A9] () C:\ProgramData\MappingDevice\MailSxropce\ListGal.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000008484 ____A [AC680477A3F64DFE5B0885ED3C9C60CC] () C:\ProgramData\MappingDevice\MailSxropce\livep.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000003607 ____A [FDCF1DD5E87FB93B807AB9872E2B0684] () C:\ProgramData\MappingDevice\MailSxropce\log.txt 2021-08-29 22:49 - 2021-08-29 22:49 - 003013917 ____A [44A261B1667F35F3152410C85A2D0403] () C:\ProgramData\MappingDevice\MailSxropce\logs.txt 2021-08-29 22:49 - 2021-08-29 22:49 - 000360129 ____A [83EE372FC2C19B22CFE346C5F69ECA94] () C:\ProgramData\MappingDevice\MailSxropce\manifest.json 2021-08-29 22:49 - 2021-08-29 22:49 - 000220304 ____A [8619A1D2869E684781C892A9649C20DA] (McAfee, LLC -> McAfee, Inc.) C:\ProgramData\MappingDevice\MailSxropce\McCorePS.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000342640 ____A [C3D3234A3EF23A831E73D959A51B49E2] (McAfee, LLC -> McAfee, LLC) C:\ProgramData\MappingDevice\MailSxropce\McInstallerRes.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000191056 ____A [5E73D1CBED83804025A5A6F191F04CA8] (McAfee, LLC -> McAfee, LLC) C:\ProgramData\MappingDevice\MailSxropce\McInstallerRes_LD.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 003881344 ____A [61BEA71BB76B4922D448AA5FF268766E] (McAfee, LLC -> McAfee, LLC) C:\ProgramData\MappingDevice\MailSxropce\McInstallerStartup.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000050706 ____A [3FFB6740E5FF3A7A2FECD272FC493212] () C:\ProgramData\MappingDevice\MailSxropce\MSO3082.acl 2021-08-29 22:49 - 2021-08-29 22:49 - 000923792 ____A [061ED2190EC9312C0C6D5A46F3E1C0F8] () C:\ProgramData\MappingDevice\MailSxropce\New360_formal_1550557728181_26576_126.log2 2021-08-29 22:49 - 2021-08-29 22:49 - 002098872 ____A [D80C51D5CCFE8AB6902679DA32176B7D] () C:\ProgramData\MappingDevice\MailSxropce\New360_formal_4686480051600_8940_308.log2 2021-08-29 22:49 - 2021-08-29 22:49 - 006237764 ____A [5D2004E65996009212670E82A5637444] () C:\ProgramData\MappingDevice\MailSxropce\old_logs_20231208225158.txt 2021-08-29 22:49 - 2021-08-29 22:49 - 001811976 ____A [D5AA85B89FF680B78614067D21E44343] (Corporation for Digital Scholarship -> ) C:\ProgramData\MappingDevice\MailSxropce\pdfinfo.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 002855456 ____A [08CC72D94347167833561BAD357B3617] (Corporation for Digital Scholarship -> ) C:\ProgramData\MappingDevice\MailSxropce\pdftotext.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000029982 ____A [4819D849DD99CCED2675598D3CA42492] () C:\ProgramData\MappingDevice\MailSxropce\preauth.json 2021-08-29 22:49 - 2021-08-29 22:49 - 000009891 ____A [3076A28350E966D03AD42F42FEEB41F2] () C:\ProgramData\MappingDevice\MailSxropce\profile.xml 2021-08-29 22:49 - 2021-08-29 22:49 - 005202152 ____A [6E9415AC72C3AB850B168CB17A54CCB6] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\MailSxropce\QHSafeMain.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000016104 ____A [578ABF2A1FE591701F85CE7BD5C02AE2] (Beijing Qihu Technology Co., Ltd. -> ) C:\ProgramData\MappingDevice\MailSxropce\QHVer.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000867880 ____A [F63B49871434DF8D4EF4135D02B5E6E9] (McAfee, LLC -> McAfee, Inc.) C:\ProgramData\MappingDevice\MailSxropce\QsLite.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 062586880 ____A [F3BDABE7FE1F0B6EBB442DEC2AD135F3] () C:\ProgramData\MappingDevice\MailSxropce\Seaqcm5Wmin.mpc 2021-08-29 22:49 - 2021-08-29 22:49 - 000086585 ____A [DCBF2C48CEAAF5BDB64EE9D07EAC008A] () C:\ProgramData\MappingDevice\MailSxropce\servers.xml 2021-08-29 22:49 - 2021-08-29 22:49 - 000217656 ____A [43171994F771D2BB76318292AD50F939] () C:\ProgramData\MappingDevice\MailSxropce\settings.json 2021-08-29 22:49 - 2021-08-29 22:49 - 000179339 ____A [1D905DDA621389F9334162E1D1A8FA02] () C:\ProgramData\MappingDevice\MailSxropce\SquirrelTelemetry.log 2021-08-29 22:49 - 2021-08-29 22:49 - 001396456 ____A [18B951FD75F4444E7C946C991DF2E1CF] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\MailSxropce\ToolBox.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 003961064 ____A [E0B92C89DF7DE1FBDC6E8B7377868FEC] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\ProgramData\MappingDevice\MailSxropce\Uninstall.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 000015468 ____A [163EAD0B570A89F8C9096C2110F848F3] () C:\ProgramData\MappingDevice\MailSxropce\updatecache.dat 2021-08-29 22:49 - 2021-08-29 22:49 - 000139480 ____A [4CF39366C45B4183B9F78218F6EBE2E6] () C:\ProgramData\MappingDevice\MailSxropce\updatecfg.ini 2021-08-29 22:49 - 2021-08-29 22:49 - 000292648 ____A [EC972A173B0D0D30FED4EED4A1660673] (Corporation for Digital Scholarship -> Mozilla Foundation) C:\ProgramData\MappingDevice\MailSxropce\updater.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 002192998 ____A [9F97F0E317CFE5340CDD5E67B312B686] () C:\ProgramData\MappingDevice\MailSxropce\verofwkrSysQEXE2.pen 2021-08-29 22:49 - 2021-08-29 22:49 - 000084819 ____A [207C3EE3E7248A46A00758CFFA4E69E1] () C:\ProgramData\MappingDevice\MailSxropce\vlcrc 2021-08-29 22:49 - 2021-08-29 22:49 - 000159744 ____A [A0EE0DC633B5C78A112F3EA2DAD27660] () [Archivo no firmado] C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll 2021-08-29 22:49 - 2021-08-29 22:49 - 000255280 ____A [5DBAE917DDFCCE31501148F4DCDE8BD0] (Corporation for Digital Scholarship -> Corporation for Digital Scholarship) C:\ProgramData\MappingDevice\MailSxropce\zotero.exe 2021-08-29 22:49 - 2021-08-29 22:49 - 017837921 ____A [232BA76D8FD61857EB9FB04640D9F7E2] () C:\ProgramData\MappingDevice\MailSxropce\zotero.jar 2021-08-29 22:49 - 2021-08-29 22:49 - 000020879 ____A [427C53C5E5582661F42C97BB41B32F63] () C:\ProgramData\MappingDevice\MailSxropce\zotero-service.js ====== Final de Folder: ====== ========================= Folder: C:\tools\kernrate ======================== no encontrado. ====== Final de Folder: ====== ========================= Folder: C:\tools ======================== no encontrado. ====== Final de Folder: ====== ========================= File: C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll ======================== C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll Archivo no firmado MD5: A0EE0DC633B5C78A112F3EA2DAD27660 Fecha de creación y modificación: 2021-08-29 22:49 - 2021-08-29 22:49 Tamaño: 000159744 Atributos: ----A Nombre de la compañía: Interno Nombre: WMSPlo6Sesrcli32.dll Original Nombre: WMSPlo6Sesrcli32.dll Producto: Descripción: Archivo Versión: 0.0.0.0 Producto Versión: 0.0.0.0 Copyright: Virusscan: Error:(2) ====== Final de File: ====== ========================= File: C:\Users\USUARIO\Downloads\yehly8hb.exe ======================== C:\Users\USUARIO\Downloads\yehly8hb.exe El archivo está firmado digitalmente MD5: B0E5BE6F94C801F865C5C724B4C562F6 Fecha de creación y modificación: 2024-03-12 01:56 - 2024-03-12 02:01 Tamaño: 315235264 Atributos: ----A Nombre de la compañía: DOCTOR WEB, LTD -> Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: Virusscan: Error:(2) ====== Final de File: ====== ========================= File: C:\Users\USUARIO\Downloads\kucc1siq.exe ======================== C:\Users\USUARIO\Downloads\kucc1siq.exe El archivo está firmado digitalmente MD5: 37DC115FC91817A0642EDFA724F017F1 Fecha de creación y modificación: 2024-03-12 20:30 - 2024-03-12 20:35 Tamaño: 315348752 Atributos: ----A Nombre de la compañía: DOCTOR WEB, LTD -> Interno Nombre: Original Nombre: Producto: Descripción: Archivo Versión: Producto Versión: Copyright: Virusscan: Error:(2) ====== Final de File: ====== HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente HKLM\SOFTWARE\Policies\Microsoft\MRT => eliminado correctamente "HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => eliminado correctamente "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk" => no encontrado "C:\Program Files (x86)\McAfee Security Scan\4.1.321\SSScheduler.exe" => no encontrado "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BF16F8AC-C3FD-470F-97B0-3B715C394B3D}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF16F8AC-C3FD-470F-97B0-3B715C394B3D}" => eliminado correctamente C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient\sspifrwnh => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CertificateServicesClient\sspifrwnh" => eliminado correctamente C:\ProgramData\MappingDevice\MailSxropce\WMSPlo6Sesrcli32.dll => movido correctamente "C:\ProgramData\MappingDevice" Carpeta mover: C:\ProgramData\MappingDevice => movido correctamente HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente HKLM\System\CurrentControlSet\Services\dmwappushservice => eliminado correctamente dmwappushservice => servicio eliminado correctamente "CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente "BVTFilter" => eliminado correctamente "BVTConsumer" => eliminado correctamente C:\ProgramData\TEMP => ":CB2A6156" ADS eliminado correctamente ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= Final de CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 2 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios est‚n desconectados. No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios est‚n desconectados. Adaptador de Ethernet Conexi¢n de  rea local 2: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica: Sufijo DNS espec¡fico para la conexi¢n. . : Coship Direcci¢n IPv6 . . . . . . . . . . : 2800:484:aa78:9900::5 Direcci¢n IPv6 . . . . . . . . . . : 2800:484:aa78:9900:946f:f107:da53:f575 Direcci¢n IPv6 temporal. . . . . . : 2800:484:aa78:9900:6d22:b029:7201:fbea V¡nculo: direcci¢n IPv6 local. . . : fe80::946f:f107:da53:f575%14 Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.13 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : fe80::96bf:95ff:feba:169d%14 192.168.0.1 Adaptador de Ethernet Conexi¢n de  rea local: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de Ethernet Conexi¢n de red Bluetooth: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de t£nel isatap.{2B58CB71-10E2-4960-B965-1382A6C72831}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de t£nel isatap.Coship: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Coship Adaptador de t£nel isatap.{EB3870D7-9664-4AF2-BFB5-50CC31251E77}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de t£nel isatap.{BD5DB4F1-6A03-4CB1-8A70-FB4530A10FA3}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : Adaptador de t£nel isatap.{F046C1BA-86E0-4802-8512-371AEB83FDFE}: Estado de los medios. . . . . . . . . . . : medios desconectados Sufijo DNS espec¡fico para la conexi¢n. . : ========= Final de CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= Final de CMD: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= Final de CMD: ========= ========= netsh advfirewall reset ========= Aceptar ========= Final de CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Aceptar ========= Final de CMD: ========= ========= netsh int ipv4 reset ========= Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= Final de CMD: ========= ========= netsh int ipv6 reset ========= No hay valores configurados por el usuario para restablecer. ========= Final de CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente "HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente "HKU\S-1-5-21-3967491181-1079075237-2608322229-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente ========= Final de RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => movido correctamente Hosts restaurado correctamente. =========== EmptyTemp: ========== FlushDNS => completado BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5102972 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B Windows/system/drivers => 1370558 B Edge => 0 B Chrome => 491518835 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B USUARIO => 195031556 B RecycleBin => 4369376 B EmptyTemp: => 665.1 MB datos temporales eliminados. ================================ El sistema necesita reiniciarse. ==== Final de Fixlog 22:39:49 ====