Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 28-11-2020
Ejecutado por selohu (28-11-2020 15:11:52) Run:1
Ejecutado desde C:\Users\xxxx\Desktop
Perfiles cargados: xxxx
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start:
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-gpu-rasterization --enable-oop-rasterization --enable-features=GlobalMediaControls,GlobalMediaControlsForCas (la entrada de datos tiene 234 más caracteres).
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2151080 2020-11-20] (Brave Software, Inc. -> Brave Software, Inc.)
Task: {1B67B934-BF56-4500-8B7A-84D56E3EDB49} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\selohu\Desktop\esetonlinescanner_enu.exe [15012440 2020-11-18] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {2C3535E1-136E-4769-B5AE-DEA8EA7B47E6} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\selohu\Desktop\esetonlinescanner_enu.exe [15012440 2020-11-18] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Tcpip…\Interfaces{8ae7e996-d9e6-4ca8-a372-ac5cf1c5e946}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
S3 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [199304 2020-10-21] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2020-10-21] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
S3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2020-04-21] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [345896 2020-10-21] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2020-10-21] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
S0 360elam64; C:\WINDOWS\System32\DRIVERS\360elam64.sys [17192 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [470152 2020-10-21] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Hvm; C:\WINDOWS\System32\Drivers\360Hvm64.sys [331560 2020-10-21] (Beijing Qihu Technology Co., Ltd. -> 360安全中心)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2020-10-21] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 esihdrv; C:\Users\selohu\AppData\Local\Temp\esihdrv.sys [205464 2020-11-25] (ESET, spol. s r.o. -> ESET) <==== ATENCIÓN
R1 SAVOnAccess; C:\WINDOWS\System32\DRIVERS\savonaccess.sys [216280 2020-09-25] (Sophos Ltd -> Sophos Limited)
S3 sdcfilter; C:\WINDOWS\system32\DRIVERS\sdcfilter.sys [38144 2020-09-25] (Sophos Limited -> Sophos Limited)
R1 swi_callout; C:\WINDOWS\system32\DRIVERS\swi_callout.sys [47760 2020-09-25] (Sophos Limited -> Sophos Limited)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [74760 2019-06-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [37552 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\WINDOWS\system32\DRIVERS\tmeyes.sys [684856 2020-03-24] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)
S1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [160544 2020-03-27] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137776 2019-05-04] (Trend Micro, Inc. -> Trend Micro Inc.)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
2020-11-21 13:23 - 2020-11-21 13:23 - 000000000 ____D C:\Users\selohu\AppData\Local\AviraSpeedup
2020-11-21 13:02 - 2020-11-21 17:05 - 000000000 ____D C:\Program Files (x86)\Avira
2020-11-21 13:02 - 2020-11-21 13:06 - 000000000 ____D C:\Users\selohu\AppData\Local\Avira
2020-11-21 13:01 - 2020-11-21 13:28 - 000000000 ____D C:\ProgramData\Avira
2020-11-18 11:59 - 2020-11-18 13:49 - 000000841 _____ C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-11-18 11:59 - 2020-11-18 13:49 - 000000695 _____ C:\Users\selohu\Desktop\ESET Online Scanner.lnk
2020-11-18 11:59 - 2020-11-18 11:59 - 015012440 _____ (ESET spol. s r.o.) C:\Users\selohu\Desktop\esetonlinescanner_enu.exe
2020-11-18 04:52 - 2020-11-18 11:18 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent Software
2020-11-11 22:59 - 2020-11-11 22:59 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-11-11 21:53 - 2020-11-11 21:53 - 000000000 ____D C:\WINDOWS\SysWOW64\SophosAV
2020-11-11 21:53 - 2020-11-11 21:53 - 000000000 ____D C:\WINDOWS\system32\SophosAV
2020-11-11 21:53 - 2020-09-25 12:14 - 000047760 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2020-11-11 21:53 - 2020-09-25 12:14 - 000037376 _____ (Sophos Limited) C:\WINDOWS\system32\SophosBootTasks.exe
2020-11-11 21:50 - 2020-09-25 12:14 - 000216280 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\savonaccess.sys
2020-11-11 21:50 - 2020-09-25 12:14 - 000176120 _____ (Sophos Limited) C:\WINDOWS\system32\sdccoinstaller.dll
2020-11-11 21:50 - 2020-09-25 12:14 - 000045840 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\SophosBootDriver.sys
2020-11-11 21:50 - 2020-09-25 12:14 - 000038144 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\sdcfilter.sys
2020-11-11 21:46 - 2020-11-21 01:52 - 000000000 ____D C:\ProgramData\Sophos
2020-11-11 21:46 - 2020-11-21 01:47 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-11-04 20:24 - 2020-11-04 20:24 - 000000000 ____D C:\ProgramData\360sd
2020-11-04 20:14 - 2020-11-25 14:31 - 000000001 _____ C:\WINDOWS\system32\Drivers\360Hvm64.dat
2020-11-04 20:14 - 2020-11-06 04:32 - 000000000 ____D C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center
2020-11-04 20:14 - 2020-11-05 23:51 - 000000000 ____D C:\Users\selohu\AppData\LocalLow\360WD
2020-11-04 20:14 - 2020-11-04 20:14 - 000000000 _RSHD C:\360SANDBOX
2020-11-04 20:14 - 2020-10-21 07:47 - 000470152 _____ (360.cn) C:\WINDOWS\system32\Drivers\360FsFlt.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000345896 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000331560 _____ (360安全中心) C:\WINDOWS\system32\Drivers\360Hvm64.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000199304 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000096424 _____ (360.cn) C:\WINDOWS\system32\Drivers\360netmon.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000095232 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000057848 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2020-11-04 20:14 - 2020-10-21 07:47 - 000017192 _____ (360.cn) C:\WINDOWS\system32\Drivers\360elam64.sys
2020-10-28 11:18 - 2020-11-06 00:32 - 000000000 ____D C:\KVRT_Data
2020-11-05 17:58 - 2020-04-18 03:54 - 000000000 __SHD C:\$360Section
2020-10-26 20:16 - 2020-08-20 12:59 - 000000000 ____D C:\Users\selohu\AppData\Roaming\IObit
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10589338.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16990891.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19648080.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24697462.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\37238653.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39326786.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41645524.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56281002.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56866735.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92292752.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\96003709.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10589338.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16990891.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19648080.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24697462.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\37238653.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\39326786.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\41645524.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56281002.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56866735.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92292752.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\96003709.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IMFservice => "@"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR523 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR523.SYS => ""="Driver
IE trusted site: HKU\S-1-5-21-991384485-3360299836-4042273512-1001\...\trendmicro.com -> hxxps://pwm.trendmicro.com
020-11-19 03:27 - 2020-11-19 03:27 - 000000000 ____D C:\Users\selohu\AppData\Local\AdAwareUpdater
2020-11-19 03:27 - 2020-11-19 03:27 - 000000000 ____D C:\ProgramData\adaware
2020-11-19 03:27 - 2020-11-19 03:27 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-11-18 13:48 - 2020-11-18 13:48 - 000003794 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-11-18 13:48 - 2020-11-18 13:48 - 000003352 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-11-16 01:11 - 2020-11-16 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE
2020-11-16 01:11 - 2020-11-16 01:12 - 000000000 ____D C:\Program Files\RogueKillerPE
2020-11-11 23:57 - 2020-11-11 23:57 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\32D5B694.sys
2020-10-30 13:29 - 2020-10-30 13:29 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\455527CD.sys
2020-10-28 10:57 - 2020-10-28 11:07 - 000000000 ____D C:\ProgramData\RogueKiller
2020-11-25 14:54 - 2020-04-06 19:37 - 000000000 ____D C:\FSTool
2020-11-08 01:31 - 2020-08-20 11:49 - 000000000 ____D C:\Users\selohu\AppData\Local\Safer-Networking Ltd
2020-11-05 03:11 - 2017-11-16 17:14 - 012114704 _____ (Trend Micro Inc.) C:\Users\selohu\Desktop\RansomwareFileDecryptor 1.0.1668 MUI.exe
EmptyTemp:
END:
*****************

Procesos cerrados correctamente.
El punto de restauración fue creado correctamente.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings" => eliminado correctamente
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableCMD" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispAppearancePage" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispBackgroundPage" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\NoDispSettingsPage" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #2" => eliminado correctamente
"HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B67B934-BF56-4500-8B7A-84D56E3EDB49}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B67B934-BF56-4500-8B7A-84D56E3EDB49}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C3535E1-136E-4769-B5AE-DEA8EA7B47E6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C3535E1-136E-4769-B5AE-DEA8EA7B47E6}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => eliminado correctamente
Tcpip…\Interfaces{8ae7e996-d9e6-4ca8-a372-ac5cf1c5e946}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11 => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\caljgklbbfbcjjanaijlacgncafpegll => eliminado correctamente
HKLM\System\CurrentControlSet\Services\360AntiHacker => eliminado correctamente
360AntiHacker => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\360AvFlt => eliminado correctamente
360AvFlt => servicio eliminado correctamente
360AvFlt => servicio no encontrado.
360Box64 => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\360Box64 => eliminado correctamente
360Box64 => servicio eliminado correctamente
360Camera => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\360Camera => eliminado correctamente
360Camera => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}\\UpperFilters 360Camera => valor eliminado correctamente
HKLM\System\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}\\UpperFilters 360Camera => valor eliminado correctamente
HKLM\System\CurrentControlSet\Services\360elam64 => eliminado correctamente
360elam64 => servicio eliminado correctamente
360FsFlt => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\360FsFlt => eliminado correctamente
360FsFlt => servicio eliminado correctamente
360Hvm => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\360Hvm => eliminado correctamente
360Hvm => servicio eliminado correctamente
360netmon => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\360netmon => eliminado correctamente
360netmon => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\esihdrv => eliminado correctamente
esihdrv => servicio eliminado correctamente
SAVOnAccess => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\SAVOnAccess => eliminado correctamente
SAVOnAccess => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\sdcfilter => eliminado correctamente
sdcfilter => servicio eliminado correctamente
swi_callout => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\swi_callout => eliminado correctamente
swi_callout => servicio eliminado correctamente
TMEBC => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\TMEBC => eliminado correctamente
TMEBC => servicio eliminado correctamente
tmeevw => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\tmeevw => eliminado correctamente
tmeevw => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\tmel => eliminado correctamente
tmel => servicio eliminado correctamente
tmeyes => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\tmeyes => eliminado correctamente
tmeyes => servicio eliminado correctamente
tmnciesc => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\tmnciesc => eliminado correctamente
tmnciesc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\tmumh => eliminado correctamente
tmumh => servicio eliminado correctamente
tmusa => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\tmusa => eliminado correctamente
tmusa => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\amsdk => eliminado correctamente
amsdk => servicio eliminado correctamente
C:\Users\selohu\AppData\Local\AviraSpeedup => movido correctamente
C:\Program Files (x86)\Avira => movido correctamente
C:\Users\selohu\AppData\Local\Avira => movido correctamente
C:\ProgramData\Avira => movido correctamente
C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => movido correctamente
C:\Users\selohu\Desktop\ESET Online Scanner.lnk => movido correctamente
C:\Users\selohu\Desktop\esetonlinescanner_enu.exe => movido correctamente
C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent Software => movido correctamente
C:\WINDOWS\system32\Drivers\hitmanpro37.sys => movido correctamente
C:\WINDOWS\SysWOW64\SophosAV => movido correctamente
C:\WINDOWS\system32\SophosAV => movido correctamente
C:\WINDOWS\system32\Drivers\swi_callout.sys => movido correctamente
C:\WINDOWS\system32\SophosBootTasks.exe => movido correctamente
C:\WINDOWS\system32\Drivers\savonaccess.sys => movido correctamente
C:\WINDOWS\system32\sdccoinstaller.dll => movido correctamente
C:\WINDOWS\system32\Drivers\SophosBootDriver.sys => movido correctamente
C:\WINDOWS\system32\Drivers\sdcfilter.sys => movido correctamente
C:\ProgramData\Sophos => movido correctamente
C:\Program Files (x86)\Sophos => movido correctamente
C:\ProgramData\360sd => movido correctamente
C:\WINDOWS\system32\Drivers\360Hvm64.dat => movido correctamente
C:\Users\selohu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center => movido correctamente
C:\Users\selohu\AppData\LocalLow\360WD => movido correctamente
"C:\360SANDBOX" carpeta mover: No pudo ser movido
"C:\360SANDBOX" => Programado para moverse al reiniciar.
C:\WINDOWS\system32\Drivers\360FsFlt.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360Box64.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360Hvm64.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360AntiHacker64.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360netmon.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360AvFlt.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360Camera64.sys => movido correctamente
C:\WINDOWS\system32\Drivers\360elam64.sys => movido correctamente
C:\KVRT_Data => movido correctamente
C:\$360Section => movido correctamente
C:\Users\selohu\AppData\Roaming\IObit => movido correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
C:\Windows => ":CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201" ADS eliminado correctamente
C:\Windows => ":CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673" ADS eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\10589338.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\16990891.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\19648080.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\24697462.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\37238653.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\39326786.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\41645524.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\56281002.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\56866735.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\92292752.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\96003709.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMInstallerService => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\10589338.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\16990891.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\19648080.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\24697462.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\37238653.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\39326786.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\41645524.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\56281002.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\56866735.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\92292752.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\96003709.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\IMFservice => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MB3Service => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMInstallerService => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SAVService => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SMR523 => eliminado correctamente
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SMR523.SYS => eliminado correctamente
HKU\S-1-5-21-991384485-3360299836-4042273512-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\trendmicro.com => eliminado correctamente
020-11-19 03:27 - 2020-11-19 03:27 - 000000000 ____D C:\Users\selohu\AppData\Local\AdAwareUpdater => Error: Ninguna corrección automática encontrada para esta entrada.
C:\ProgramData\adaware => movido correctamente
C:\Program Files\Common Files\adaware => movido correctamente
"C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn" => no encontrado
"C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime" => no encontrado
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKillerPE => movido correctamente
C:\Program Files\RogueKillerPE => movido correctamente
C:\WINDOWS\system32\Drivers\32D5B694.sys => movido correctamente
C:\WINDOWS\system32\Drivers\455527CD.sys => movido correctamente
C:\ProgramData\RogueKiller => movido correctamente
C:\FSTool => movido correctamente
C:\Users\selohu\AppData\Local\Safer-Networking Ltd => movido correctamente
C:\Users\selohu\Desktop\RansomwareFileDecryptor 1.0.1668 MUI.exe => movido correctamente

=========== EmptyTemp: ==========

BITS transfer queue => 13393920 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58955679 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1185444 B
Edge => 0 B
Chrome => 21761442 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 35926 B
NetworkService => 48304 B
selohu => 74394557 B

RecycleBin => 110317 B
EmptyTemp: => 162 MB datos temporales eliminados.

================================