Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-03-2020 Ejecutado por Silvia (04-04-2020 11:28:44) Ejecutado desde C:\Users\Silvia\Desktop Windows 7 Home Basic Service Pack 1 (X64) (2013-07-12 23:39:28) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-3019253350-1869777649-2031913490-500 - Administrator - Disabled) Invitado (S-1-5-21-3019253350-1869777649-2031913490-501 - Limited - Disabled) => C:\Users\Invitado Silvia (S-1-5-21-3019253350-1869777649-2031913490-1001 - Administrator - Enabled) => C:\Users\Silvia UpdatusUser (S-1-5-21-3019253350-1869777649-2031913490-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Avast Antivirus (Disabled - Out of date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Out of date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) „Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated) Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated) Adobe Reader X (10.0.1) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (HKLM-x32\...\WT085587) (Version: 2.2.0.82 - WildTangent) Hidden Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.145 - Atheros) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3765.150 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.6.605.0 - AVAST Software) Hidden Bejeweled 2 Deluxe (HKLM-x32\...\WT089286) (Version: 2.2.0.95 - WildTangent) Hidden BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.40.10.1013 - BlueStack Systems, Inc.) Build-a-lot (HKLM-x32\...\WT085597) (Version: 2.2.0.82 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{41605F0B-507F-43F9-9660-B8C9FADF0422}) (Version: 82.0.4085.24 - Google Inc.) ChromePlayerPlugin (HKLM-x32\...\{3F8C7A30-89B0-44F9-886E-D8E0C8C39282}) (Version: 3.23 - MinervaNetworks Inc.) Chuzzle Deluxe (HKLM-x32\...\WT085567) (Version: 2.2.0.82 - WildTangent) Hidden CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5216 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT085559) (Version: 2.2.0.82 - WildTangent) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 94.4.384 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.2.4 - Samsung Electronics Co., Ltd.) Easy Migration (HKLM-x32\...\{EDE7A262-DB20-4432-A630-2ACEE186C416}) (Version: 1.0 - Samsung Electronics CO., LTD.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.2.18.13 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.28 - Samsung Electronics CO., LTD.) Farm Frenzy (HKLM-x32\...\WT085618) (Version: 2.2.0.82 - WildTangent) Hidden Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden GoToMeeting 8.45.3.13481 (HKU\S-1-5-21-3019253350-1869777649-2031913490-1001\...\GoToMeeting) (Version: 8.45.3.13481 - LogMeIn, Inc.) Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation) HL-1210W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.) Insaniquarium Deluxe (HKLM-x32\...\WT085622) (Version: 2.2.0.82 - WildTangent) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) John Deere Drive Green (HKLM-x32\...\WT085580) (Version: 2.2.0.82 - WildTangent) Hidden Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden Multilizer PDF Translator (Build 10.3.2) (HKLM-x32\...\Multilizer PDF Translator_is1) (Version: - Rex Partners) Multimedia POP (HKLM-x32\...\{CE3007FF-3E77-4B5B-8F94-662C9582C8A5}) (Version: 1.1 - Samsung Electronics CO., LTD.) NVIDIA Graphics Driver 296.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.01 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation) Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation) Peggle (HKLM-x32\...\WT085663) (Version: 2.2.0.82 - WildTangent) Hidden Penguins! (HKLM-x32\...\WT085581) (Version: 2.2.0.82 - WildTangent) Hidden Plants vs. Zombies (HKLM-x32\...\WT085669) (Version: 2.2.0.82 - WildTangent) Hidden Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Golfer (HKLM-x32\...\WT085583) (Version: 2.2.0.82 - WildTangent) Hidden Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 5.0.2.21911 - Medixant) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6608 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) RedAdHoc (HKLM-x32\...\RedAdHoc3.2.3) (Version: 3.2.3 - Danny Daniel Neyra) Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.2.4 - Samsung) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.4445 - TeamViewer) Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.6 - Samsung Electronics CO., LTD.) Videostream (HKU\S-1-5-21-3019253350-1869777649-2031913490-1001\...\Videostream) (Version: 0.3.6 - Videostream) VLC media player 1.1.7 (HKLM-x32\...\VLC media player) (Version: 1.1.7 - VideoLAN) Vysor (HKU\S-1-5-21-3019253350-1869777649-2031913490-1001\...\Vysor) (Version: 1.8.3 - ClockworkMod) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent) WildTangent ORB Game Console (HKLM-x32\...\Game Console - WildGames) (Version: - WildTangent) Hidden Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-3019253350-1869777649-2031913490-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.) Zuma Deluxe (HKLM-x32\...\WT089285) (Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-3019253350-1869777649-2031913490-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Silvia\AppData\Local\GoToMeeting\13481\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Ningún archivo ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-06-28] (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [Baidu_Scan] -> [CC]{0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => -> Ningún archivo ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll -> Ningún archivo ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-06-28] (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2012-02-25] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-04-03] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll -> Ningún archivo ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado] ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Módulos cargados (Lista blanca) ============= 2012-07-27 05:03 - 2006-08-12 00:48 - 000049152 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2012-07-27 05:03 - 2011-02-16 13:03 - 000203776 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2012-07-27 05:14 - 2011-09-08 07:40 - 001645056 _____ () [Archivo no firmado] C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2012-06-28 03:16 - 2012-06-28 03:16 - 000054400 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000020608 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000041088 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000045696 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000516736 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\filetransfer.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000085632 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\GattI.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000099968 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000106624 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000083072 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000093824 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000311936 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ObjPush.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 004978304 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000074368 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000065664 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000109696 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000042112 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sim.DLL 2012-06-28 03:17 - 2012-06-28 03:17 - 000130176 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000061568 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Sync.dll 2012-06-28 03:17 - 2012-06-28 03:17 - 000030848 _____ (Qualcomm Atheros -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.DLL 2012-07-27 05:03 - 2012-01-31 03:58 - 000221064 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Easy Settings\GPSTurboModeDLL.dll 2012-07-27 05:03 - 2012-03-04 23:10 - 000321416 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [Archivo no firmado] C:\Program Files (x86)\Samsung\Easy Settings\SUS.dll ==================== Alternate Data Streams (Lista blanca) ======== ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== 2015-10-09 14:46 - 2015-10-09 14:53 - 000000375 _____ C:\windows\system32\drivers\etc\hosts.ics ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\ HKU\S-1-5-21-3019253350-1869777649-2031913490-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Silvia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 200.42.4.198 - 200.49.130.44 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DbxSvc => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: GameConsoleService => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: Motorola Device Manager => 2 MSCONFIG\Services: PST Service => 2 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: SamsungDeviceConfigurationWinService => 2 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: 20131121 => C:\Program Files\AVAST Software\Avast\setup\emupdate\8f0ba9fc-c573-4ddd-8032-97e31bd9a600.exe /check MSCONFIG\startupreg: 9355785 => "C:\Users\Silvia\AppData\Roaming\jf11q3mxp14\vmuhsksiwz1.exe" /VERYSILENT MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: BingSvc => C:\Users\Silvia\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: Flvto Youtube Downloader => "C:\Users\Silvia\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize MSCONFIG\startupreg: GoogleChromeAutoLaunch_B075222032A5D7432E4ECEF0A9C201DE => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Malwarebytes Anti-Malware (cleanup) => "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" MSCONFIG\startupreg: RRJVYSR4O6WXHT2 => "C:\Program Files\8UYDOGEHY9\8UYDOGEHY.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Videostream => "C:\Users\Silvia\AppData\Local\Videostream\app-0.3.6\Videostream.exe" startup ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [{BA5FE7CA-8268-49F9-B9B4-4CA0A3978102}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ABF91667-BC3E-45EE-BC55-3F83E857930C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B7B4970-AA0E-4519-9F32-78BB2B3CD341}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A51D9C21-33BE-49EE-AD8C-CA2B2FB4CDAA}] => (Allow) LPort=2869 FirewallRules: [{A885AD85-D5EE-424F-B497-7A4F2EC7293F}] => (Allow) LPort=1900 FirewallRules: [{58B761E7-16F5-4AA0-BE33-BC59E73E2BA2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{081F0719-EB44-4E98-B3EC-4874D9EA90D0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{414118AE-0144-4932-9282-0A02FF8516F5}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{31CED7BB-C7D5-4A76-87A6-846CF217FD60}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink -> CyberLink Corp.) FirewallRules: [{2F016B6E-BA90-4FC3-982C-E25A64B6355F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Archivo no firmado] FirewallRules: [{E4448C99-B99C-490F-B2A5-F8E9183D3F8F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Archivo no firmado] FirewallRules: [{F84461A4-A7DC-4A8B-9F3F-ACD470369FEE}] => (Allow) C:\Program Files (x86)\Danny Daniel Neyra\RedAdHoc 3.2.0\RedAdHoc.exe (RedAdHoc) [Archivo no firmado] FirewallRules: [TCP Query User{27FAAE41-41BE-43DA-8A01-C4625E40BB72}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe Ningún archivo FirewallRules: [UDP Query User{D6838BA3-06E4-4C8B-A86E-03F585CA5384}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe Ningún archivo FirewallRules: [TCP Query User{15A63724-382D-423C-8D68-7FA2E2E3AA20}D:\easysetupassistant\tssh2.exe] => (Allow) D:\easysetupassistant\tssh2.exe Ningún archivo FirewallRules: [UDP Query User{EE185765-F42E-4E0F-9E16-56E8B9B35AE2}D:\easysetupassistant\tssh2.exe] => (Allow) D:\easysetupassistant\tssh2.exe Ningún archivo FirewallRules: [{CBE54A99-ADFB-451B-9855-DF1D781908C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{12607C75-84B1-458A-9E05-677B675D2A5E}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Archivo no firmado] FirewallRules: [{CE0E070D-85A5-4E1E-A740-32AF8F7DB816}] => (Allow) C:\Program Files (x86)\Multilizer\MultilizerPDFTranslator\PDFTRanslationWizard.exe () [Archivo no firmado] FirewallRules: [TCP Query User{59427F97-6B96-4092-8836-238C99C97FEF}C:\programdata\minervanetworks\chromeplayerplugin\browserpluginhelper.exe] => (Allow) C:\programdata\minervanetworks\chromeplayerplugin\browserpluginhelper.exe () [Archivo no firmado] FirewallRules: [UDP Query User{670F3142-22C2-4814-96B9-80C1E5729435}C:\programdata\minervanetworks\chromeplayerplugin\browserpluginhelper.exe] => (Allow) C:\programdata\minervanetworks\chromeplayerplugin\browserpluginhelper.exe () [Archivo no firmado] FirewallRules: [TCP Query User{2D986A2E-C2E0-4C38-B30C-F19221519D8A}C:\program files (x86)\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files (x86)\pc remote receiver\pcremotereceiver.exe (Monect) [Archivo no firmado] FirewallRules: [UDP Query User{4953423B-A757-46E8-97B6-20E61AC7CCE7}C:\program files (x86)\pc remote receiver\pcremotereceiver.exe] => (Allow) C:\program files (x86)\pc remote receiver\pcremotereceiver.exe (Monect) [Archivo no firmado] FirewallRules: [{C2CCE85C-94AB-46FD-A7B0-E5488BE58764}] => (Allow) C:\Program Files (x86)\PC Remote Receiver\PCRemoteReceiver.exe (Monect) [Archivo no firmado] FirewallRules: [{D7231702-D42A-4A9A-8425-1D14AB851B75}] => (Allow) C:\Program Files (x86)\PC Remote Receiver\MonectMediaCenter.exe () [Archivo no firmado] FirewallRules: [TCP Query User{81A5294C-1F43-4855-B3C8-A4DB9FE8B769}C:\users\silvia\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\silvia\appdata\local\vysor\app-1.8.3\vysor.exe (ClockworkMod) [Archivo no firmado] FirewallRules: [UDP Query User{C575A6BA-29EE-458E-BB67-8CDB8CB43393}C:\users\silvia\appdata\local\vysor\app-1.8.3\vysor.exe] => (Allow) C:\users\silvia\appdata\local\vysor\app-1.8.3\vysor.exe (ClockworkMod) [Archivo no firmado] FirewallRules: [TCP Query User{A88924A8-2402-4F44-9552-AC26D3175FEB}C:\program files (x86)\pc remote receiver1\pcremotereceiver.exe] => (Allow) C:\program files (x86)\pc remote receiver1\pcremotereceiver.exe Ningún archivo FirewallRules: [UDP Query User{B6D85801-02EF-4C81-8051-15A80ACC2F5F}C:\program files (x86)\pc remote receiver1\pcremotereceiver.exe] => (Allow) C:\program files (x86)\pc remote receiver1\pcremotereceiver.exe Ningún archivo FirewallRules: [TCP Query User{94DC313A-7C59-45BE-A9CD-A631F3463980}C:\program files (x86)\pc remote receiver1\monectmediacenter.exe] => (Allow) C:\program files (x86)\pc remote receiver1\monectmediacenter.exe Ningún archivo FirewallRules: [UDP Query User{E33C42BC-2870-4DE8-A919-682384ECF4E9}C:\program files (x86)\pc remote receiver1\monectmediacenter.exe] => (Allow) C:\program files (x86)\pc remote receiver1\monectmediacenter.exe Ningún archivo FirewallRules: [{2AB221F7-7422-4C0A-8DC7-31729C0979F3}] => (Allow) LPort=5556 FirewallRules: [{43B56F57-E37F-4705-B04C-F752F913FB11}] => (Allow) LPort=5557 FirewallRules: [{DFA2FA9E-9EBD-43C4-B757-A64D210098E0}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{4DE3EADE-9B77-4F4D-BD6F-3985D808BD7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{AB5127BD-B9CE-4D65-8126-E239DB7C2E18}] => (Allow) C:\Users\Silvia\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{1A628C10-52C5-4F4D-BA3D-1DE5AD9BBB2B}] => (Allow) C:\Users\Silvia\AppData\Roaming\Zoom\bin\airhost.exe Ningún archivo FirewallRules: [{E391FE85-1B3C-4ACB-B643-4B745022661C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\82.0.4085.24\remoting_host.exe (Google LLC -> Google Inc.) FirewallRules: [{3B2A889E-15C5-4B25-A284-D69886C4939B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{E7D5B691-B140-41FA-B7B9-0FC2785A4875}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{43C5551F-C113-47D9-8213-0580B77A9C0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{363094FB-2324-42E4-BBEE-00A0CED2D27A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{DF6F2AF7-833B-49F5-83DE-ADCBBF17EBBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{D0FB0D7C-5464-488C-9428-2FAD3203F38E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) ==================== Puntos de Restauración ========================= ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ Name: Teredo Tunneling Pseudo-Interface Description: Adaptador de tunelización Teredo de Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Dispositivo periférico Bluetooth Description: Dispositivo periférico Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) Management Engine Interface Description: Intel(R) Management Engine Interface Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: MEIx64 Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (04/04/2020 11:19:11 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows no puede cargar el archivo de Registro de clases. DETALLE: El sistema no puede encontrar el archivo especificado. Error: (04/04/2020 11:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (04/03/2020 12:07:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: SamoyedAgent.exe, versión: 1.2.2.8, marca de tiempo: 0x4ff57ce1 Nombre del módulo con errores: SamoyedAgent.exe, versión: 1.2.2.8, marca de tiempo: 0x4ff57ce1 Código de excepción: 0x40000015 Desplazamiento de errores: 0x000000000026da6d Id. del proceso con errores: 0x10b8 Hora de inicio de la aplicación con errores: 0x01d609b718ffeaef Ruta de acceso de la aplicación con errores: C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe Ruta de acceso del módulo con errores: C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe Id. del informe: cdd6ff14-75bc-11ea-bd28-50b7c328e4ff Error: (04/03/2020 11:25:51 AM) (Source: sesvc) (EventID: 0) (User: ) Description: No se puede iniciar el servicio. El proceso del servicio no puede conectar con el controlador del servicio Error: (04/03/2020 10:57:35 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: El programa StellarDataRecovery.exe, versión 0.0.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades. Identificador de proceso: 3ec Hora de inicio: 01d609bf611e8154 Hora de finalización: 383 Ruta de acceso de la aplicación: C:\Program Files (x86)\Stellar Data Recovery\StellarDataRecovery.exe Identificador de informe: be77db0f-75b2-11ea-bd28-50b7c328e4ff Error: (04/03/2020 09:56:54 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY) Description: Windows no puede cargar el archivo de Registro de clases. DETALLE: El sistema no puede encontrar el archivo especificado. Error: (04/03/2020 09:55:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema. Error: (04/03/2020 09:44:10 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Error al generar el contexto de activación para "c:\program files (x86)\stellar data recovery\StellarRepairforPhoto.exe". Error en el archivo de manifiesto o directiva "" en la línea . Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Componente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Errores del sistema: ============= Error: (04/04/2020 11:21:36 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: El servicio NVIDIA Update Service Daemon no respondió después de iniciar. Error: (04/04/2020 11:18:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:18:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:17:29 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:17:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:17:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:17:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Error: (04/04/2020 11:17:08 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: Error al intentar leer el archivo local de hosts. Windows Defender: =================================== Date: 2018-09-14 20:22:02.928 Description: El examen de Windows Defender se detuvo antes de completarse. Id. de examen:{6843B6A6-792D-45CF-86D4-8A9C66E22951} Tipo de examen:AntiSpyware Parámetros de examen:Examen rápido Usuario:NT AUTHORITY\Servicio de red Date: 2016-06-08 20:13:09.312 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/SupTab&threatid=214126 Nombre:BrowserModifier:Win32/SupTab Id.:214126 Gravedad:Alta Categoría:Modificador de explorador Ruta de acceso encontrada:file:C:\ProgramData\WindowsMangerProtect\update\conf;file:C:\Users\Silvia\AppData\Roaming\mystartsearch\log\UninstallManager_2015-02-01[16-04-12-597].log;file:C:\Users\Silvia\AppData\Roaming\mystartsearch\UninstallManager.exe;folder:C:\ProgramData\WindowsMangerProtect\;folder:C:\ProgramData\WindowsMangerProtect\update\;folder:C:\Users\Silvia\AppData\Roaming\mystartsearch\;folder:C:\Users\Silvia\AppData\Roaming\mystartsearch\log\ Tipo de detección:Concreto Origen de detección:Sistema Estado:Desconocido Usuario:NT AUTHORITY\Servicio de red Nombre de proceso:c:\program files\windows defender\MpCmdRun.exe Date: 2015-09-11 23:47:46.138 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Diplugem&threatid=213571 Nombre:BrowserModifier:Win32/Diplugem Id.:213571 Gravedad:Alta Categoría:Modificador de explorador Ruta de acceso encontrada:file:C:\Program Files (x86)\LibraryProc\LibraryProc.dll;file:C:\Users\Silvia\AppData\Local\Temp\ANXAMX.tmp\bubit.dll;file:C:\Users\Silvia\AppData\Local\Temp\OQOMKH.tmp\bubit.dll;file:C:\Users\Silvia\AppData\Local\Temp\OVWXSN.tmp\bubit.dll;process:pid:4920,ProcessStart:130864989470379391;process:pid:5616,ProcessStart:130864989470239383;service:163ac2d4 Tipo de detección:Concreto Origen de detección:Protección en tiempo real Estado:Desconocido Usuario:\ Nombre de proceso: Date: 2015-09-11 23:36:41.014 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Diplugem&threatid=213571 Nombre:BrowserModifier:Win32/Diplugem Id.:213571 Gravedad:Alta Categoría:Modificador de explorador Ruta de acceso encontrada:file:C:\Program Files (x86)\LibraryProc\LibraryProc.dll;file:C:\Users\Silvia\AppData\Local\Temp\ANXAMX.tmp\bubit.dll;file:C:\Users\Silvia\AppData\Local\Temp\OQOMKH.tmp\bubit.dll;file:C:\Users\Silvia\AppData\Local\Temp\OVWXSN.tmp\bubit.dll Tipo de detección:Concreto Origen de detección:Protección en tiempo real Estado:Desconocido Usuario:\ Nombre de proceso: Date: 2015-09-11 23:35:56.952 Description: Windows Defender detectó spyware u otro software potencialmente no deseado. Para obtener más información, consulte lo siguiente: http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Diplugem&threatid=213571 Nombre:BrowserModifier:Win32/Diplugem Id.:213571 Gravedad:Alta Categoría:Modificador de explorador Ruta de acceso encontrada:file:C:\Program Files (x86)\LibraryProc\LibraryProc.dll;file:C:\Users\Silvia\AppData\Local\Temp\OQOMKH.tmp\bubit.dll;file:C:\Users\Silvia\AppData\Local\Temp\OVWXSN.tmp\bubit.dll Tipo de detección:Concreto Origen de detección:Protección en tiempo real Estado:Desconocido Usuario:\ Nombre de proceso: ==================== Información de la memoria =========================== BIOS: Phoenix Technologies Ltd. P04RAJ 10/25/2012 Placa base: SAMSUNG ELECTRONICS CO., LTD. SAMSUNG_NP1234567890 Procesador: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Porcentaje de memoria en uso: 79% RAM física total: 3875.54 MB RAM física disponible: 790.58 MB Virtual total: 7749.26 MB Virtual disponible: 4356.15 MB ==================== Unidades ================================ Drive c: (Local Disk) (Fixed) (Total:442.38 GB) (Free:281.55 GB) NTFS \\?\Volume{61eb9e45-d845-11e1-a100-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{bc712d25-29ea-11e2-a36f-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:23.28 GB) (Free:0.93 GB) NTFS ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 7C3D6277) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=442.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=23.3 GB) - (Type=27) ==================== Final de Addition.txt =======================