• Registrarse
  • Iniciar sesión


  • Página 2 de 4 PrimeroPrimero 1234 ÚltimoÚltimo
    Resultados 11 al 20 de 35

    Limpieza de una notebook (Solucionado)

    Adjunto reporte de Addition Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017 Ran by Claudio Guanes (30-11-2017 13:41:36) Running from C:\Users\Claudio Guanes\Desktop Windows 10 Home Version 1607 14393.1480 (X64) (2016-10-15 19:29:56) Boot ...

          
    1. #11
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      Adjunto reporte de Addition

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017
      Ran by Claudio Guanes (30-11-2017 13:41:36)
      Running from C:\Users\Claudio Guanes\Desktop
      Windows 10 Home Version 1607 14393.1480 (X64) (2016-10-15 19:29:56)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrator (S-1-5-21-3944762021-2492775799-415220738-500 - Administrator - Disabled)
      Claudio Guanes (S-1-5-21-3944762021-2492775799-415220738-1000 - Administrator - Enabled) => C:\Users\Claudio Guanes
      DefaultAccount (S-1-5-21-3944762021-2492775799-415220738-503 - Limited - Disabled)
      Guest (S-1-5-21-3944762021-2492775799-415220738-501 - Limited - Enabled)
      HomeGroupUser$ (S-1-5-21-3944762021-2492775799-415220738-1002 - Limited - Enabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
      4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC)
      Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
      Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
      CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
      CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
      CH341SER (HKLM-x32\...\{7D96C287-751F-45B4-911A-DBAD8AEE831A}) (Version: 3.10.0000 - WCH)
      Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
      Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
      Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
      Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{6281459C-49C7-49C6-A9FE-50293675B4B2}) (Version: 16.0.707 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - ES (x64) (HKLM\...\{65168D5C-A6DD-4C1B-BF5C-860A39CDD05E}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden
      CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
      Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
      Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
      Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
      HP DeskJet 2130 series Ayuda (HKLM-x32\...\{0ABC47CC-14F8-4D01-B877-4203635C0B06}) (Version: 35.0.0 - Hewlett Packard)
      HP DeskJet 2130 series Software básico del dispositivo (HKLM\...\{985B2E7E-994C-4D0C-A881-72317A4C8E56}) (Version: 40.11.1124.17107 - HP Inc.)
      HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
      HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
      HP Dropbox Plugin (HKLM-x32\...\{7BEBB31E-58C4-4FA5-9AD1-ACBE32BF0D12}) (Version: 36.0.41.58587 - HP)
      HP Google Drive Plugin (HKLM-x32\...\{63BD9C12-5CE9-4294-B1C3-A09F971FAFB5}) (Version: 36.0.41.58587 - HP)
      HP Photo Creations (HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
      HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
      Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
      Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
      LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
      LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
      LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
      Malwarebytes versión 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
      McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
      MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
      Microsoft Office Professional 2016 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 16.0.8326.2070 - Microsoft Corporation)
      Microsoft OneDrive (HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN (HKLM-x32\...\{4A28444E-0532-3264-B07D-5AFE590E30BE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
      Mozilla Firefox 47.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 es-ES)) (Version: 47.0 - Mozilla)
      Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
      MySQL Connector/ODBC 3.51 (HKLM-x32\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
      Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2070 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2070 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2070 - Microsoft Corporation) Hidden
      Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
      Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
      Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== ATTENTION
      PowerLed 2.84.1 (HKLM-x32\...\PowerLed_is1) (Version: - TF-TOP)
      Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
      Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{6D972506-DC01-39BC-A5DD-06DA86E00031}.KB947789) (Version: 1 - Microsoft Corporation)
      Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
      SmartDent (HKLM-x32\...\{2DB2570A-0427-4A23-8E96-72F8623749A2}) (Version: 1.00.0000 - Nombre de su organización)
      Spotify (HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
      VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
      Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
      WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
      Xperia Companion (HKLM-x32\...\{87971D31-1246-4141-8424-6ECC64D96E1D}) (Version: 1.2.8.0 - Sony) Hidden
      Xperia Companion (HKLM-x32\...\{8f4f39fa-087f-4e5c-84f3-1433ac7389e9}) (Version: 1.2.8.0 - Sony)
      Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
      Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
      ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
      ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
      ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
      ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
      ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] ()
      ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
      ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
      ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
      ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {00B9A709-FE38-4856-BC47-E8CAD09D74AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
      Task: {089358C2-9657-4EC8-A377-055E871B04EC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-04] (Microsoft Corporation)
      Task: {0DDE62E3-E365-4EB3-8DCD-32035B7C260F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-04] ()
      Task: {15661435-A118-45D5-A76C-CF0E2741C723} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
      Task: {2192DB2D-5B59-4A89-B247-E9664E000837} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-04] ()
      Task: {337C8E40-A976-4631-8847-887E800EC5B5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3944762021-2492775799-415220738-1000Core => C:\Users\Claudio Guanes\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: {4ED6D1EC-20CB-41E9-93B7-0A09306C0849} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Claudio Guanes\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
      Task: {534A0A35-8C7D-408C-8B7C-E8B0D16CD2A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
      Task: {569690E9-A34B-483E-BCDB-8248BEF33DA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-04] (Microsoft Corporation)
      Task: {5C978700-CFF0-43AB-BB22-4BFA6DE534AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.)
      Task: {A7723857-2F6C-4422-B840-B294691FE947} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.)
      Task: {A9D074BF-4782-44C5-AC02-D596FA0E8FD8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-14] (Adobe Systems Incorporated)
      Task: {AA4B7267-C44F-45D6-99B7-3942533A5A82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3944762021-2492775799-415220738-1000UA => C:\Users\Claudio Guanes\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: {AB683E4E-9397-4C0B-BE70-97DAAEC19D3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
      Task: {AEEEDBB2-2469-4EA1-830C-33F2D47ED0F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
      Task: {B51346AB-2DC1-41A4-A56D-1293C236B305} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
      Task: {B97C5517-FA5A-4734-A15B-F9AA7A32DB0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
      Task: {C0B58A23-9F4A-4068-8C1B-BB7C023D6819} - System32\Tasks\HP AR Program Upload - bad552bb1b8b4e0f95c500bfca5d2afaad828a4052154f70952f5185b3f17b07 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: <Company name>)
      Task: {F3562468-97DC-4F84-900F-6F1AE9ED13DF} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Claudio Guanes\AppData\Roaming\HP Photo Creations\Communicator.exe [2017-11-28] ()

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3944762021-2492775799-415220738-1000Core.job => C:\Users\Claudio Guanes\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3944762021-2492775799-415220738-1000UA.job => C:\Users\Claudio Guanes\AppData\Local\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Claudio Guanes\AppData\Roaming\HP Photo Creations\Communicator.exe
      Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Deezer Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=paccflbfblppaoidibhflahkogodngie
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Facebook App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dihbebhmaoagdpbcnfedokpfkkgmmpgc
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PictaCast for Chromecast® - Trial.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ekgaebaencakkggokbokmgojdbafnefi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WhatsChrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bgkodfmeijboinjdegggmkbkjfiagaan

      ==================== Loaded Modules (Whitelisted) ==============

      2016-07-16 08:42 - 2016-07-16 08:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
      2017-08-08 13:35 - 2017-06-21 04:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
      2017-11-29 11:45 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2017-11-29 11:45 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
      2017-06-07 17:09 - 2017-06-07 17:09 - 000598528 _____ () C:\Users\Claudio Guanes\AppData\Local\MEGAsync\ShellExtX64.dll
      2016-06-14 15:00 - 2017-08-04 07:48 - 008929472 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
      2016-10-17 12:16 - 2016-09-07 01:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
      2017-04-03 16:35 - 2017-03-04 03:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
      2012-11-26 23:54 - 2012-11-26 23:54 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
      2017-08-03 20:20 - 2017-08-03 20:21 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      2017-08-03 20:20 - 2017-08-03 20:21 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
      2017-08-03 20:20 - 2017-08-03 20:21 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
      2017-08-03 20:20 - 2017-08-03 20:21 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
      2017-10-18 13:19 - 2017-10-18 13:19 - 000098688 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
      2017-11-15 12:56 - 2017-11-10 06:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
      2017-11-15 12:56 - 2017-11-10 06:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
      2017-04-03 16:39 - 2017-03-04 03:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
      2017-04-03 16:39 - 2017-03-04 03:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-04-03 16:39 - 2017-03-04 03:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
      2017-08-08 13:35 - 2017-06-21 03:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
      2017-08-08 13:35 - 2017-06-21 03:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
      2017-11-17 11:42 - 2017-11-17 11:42 - 000102088 _____ () C:\Users\Claudio Guanes\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [338]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2015-10-30 04:24 - 2017-09-26 11:33 - 000000881 _____ C:\WINDOWS\system32\Drivers\etc\hosts

      0.0.0.1 mssplus.mcafee.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudio Guanes\Desktop\pelis varias\sagradas\resgate-por-amor-jesus-ajudando-um-menino-1a97d.jpg
      DNS Servers: 8.8.8.8 - 8.8.4.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      MSCONFIG\Services: Fax => 3
      MSCONFIG\Services: gupdate => 2
      MSCONFIG\Services: gupdatem => 3
      MSCONFIG\Services: SkypeUpdate => 2
      HKLM\...\StartupApproved\Run32: => "HP Software Update"
      HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\StartupApproved\Run: => "Skype"
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\StartupApproved\Run: => "Spotify Web Helper"
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\StartupApproved\Run: => "XperiaCompanionAgent"
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\StartupApproved\Run: => "GoogleDriveSync"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{BD76A45A-0778-4481-856F-12C3D3351F92}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
      FirewallRules: [UDP Query User{7B07A879-41F3-4C3F-8CA6-8F21F03FA0D3}C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{709A4699-E074-45BC-BBDF-F872B5658082}C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe
      FirewallRules: [UDP Query User{C92C799B-AAAB-446A-910A-1A6353F9F55E}C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe
      FirewallRules: [TCP Query User{E05D4F69-491A-4942-8530-BB0EA10F95ED}C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\claudio guanes\appdata\roaming\spotify\spotify.exe
      FirewallRules: [{5482B8FE-924B-479D-ADAA-4C3BD91EAC3F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
      FirewallRules: [{94D5ACAC-C176-4758-B4A1-36EF86AFFE9C}] => (Allow) C:\Users\Claudio Guanes\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe
      FirewallRules: [{7E6A00C6-CDF9-4157-9021-BD191BC53553}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
      FirewallRules: [{291689F7-9054-4E93-B76B-CD5E065E78F4}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
      FirewallRules: [{FAB4F1D8-740B-44A3-ACDE-4D040F6AB881}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
      FirewallRules: [{31ED97BE-CA77-4B69-8C1E-0FA800923947}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
      FirewallRules: [{47A01A8D-EA50-441F-80F4-3AA5621D31F0}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [{A08F0FB9-AA8F-4A85-B6C9-A6C40786C3BF}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [UDP Query User{6E658B91-565F-48A5-ADD4-705718F44FB1}C:\program files (x86)\powerled2.2\powerled.exe] => (Allow) C:\program files (x86)\powerled2.2\powerled.exe
      FirewallRules: [TCP Query User{47DA3F77-C913-43A1-AC32-4E619D63F6E3}C:\program files (x86)\powerled2.2\powerled.exe] => (Allow) C:\program files (x86)\powerled2.2\powerled.exe
      FirewallRules: [{9DD8D8FA-A52E-40A6-A001-81A69EDC0306}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [{B5CE7866-1C96-412A-9CE5-C267C09DC0AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      FirewallRules: [UDP Query User{8175E8A3-DFA6-491D-AC2C-89BDF1CF4A37}C:\program files (x86)\powerled2\powerled.exe] => (Allow) C:\program files (x86)\powerled2\powerled.exe
      FirewallRules: [TCP Query User{4CAE914B-B336-4645-87B2-63FD0665C5AB}C:\program files (x86)\powerled2\powerled.exe] => (Allow) C:\program files (x86)\powerled2\powerled.exe
      FirewallRules: [UDP Query User{3D5A80F2-6C1D-45D0-BB98-F4EF5CB6D4D4}C:\program files (x86)\powerled\powerled.exe] => (Allow) C:\program files (x86)\powerled\powerled.exe
      FirewallRules: [TCP Query User{D3F530C2-55E6-49BF-8F70-2DB85BC76E43}C:\program files (x86)\powerled\powerled.exe] => (Allow) C:\program files (x86)\powerled\powerled.exe
      FirewallRules: [{1F5D6C95-BDA0-45DE-9553-BBD4037E4795}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [{87608FC3-1305-4E67-AE0C-68F866B5C054}] => (Allow) LPort=5357
      FirewallRules: [{4158E2AC-4693-41D1-848E-1F419C5602FE}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
      FirewallRules: [{53DCFD8A-1262-4884-B5C1-CD3620C73C6C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [{BFEC4B21-69C2-4D0D-8184-42D060BA77AE}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
      FirewallRules: [{65F2131F-7A4A-4211-A07B-CA403B7282ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{B35F1582-94AB-4720-AD1A-739B2D2D440B}] => (Allow) %systemroot%\system32\alg.exe
      FirewallRules: [{9A014AF1-7846-4885-A485-1951A0CF47B9}] => (Allow) %systemroot%\system32\alg.exe
      FirewallRules: [{F5584E39-9BCF-4035-BEB6-A2D8A7721351}] => (Allow) %systemroot%\system32\alg.exe
      FirewallRules: [{6AD49A1F-C514-4F53-88C5-ACF424E92E02}] => (Allow) LPort=1688
      FirewallRules: [{8077020B-2582-4785-A09E-66710EDE1AAE}] => (Allow) C:\Users\Claudio Guanes\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{EFF01FAC-B746-47C2-9601-14E8A562F405}] => (Allow) C:\Users\Claudio Guanes\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{8C5B41CE-D60C-45F7-B753-7EAA0F3F5DD5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
      FirewallRules: [{4925B16C-8F63-40AC-93AF-90270FB7A35F}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe
      FirewallRules: [{2E0C14F2-62C9-4494-8C2C-F8DF69787FB4}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe
      FirewallRules: [{D1E0860B-C0A5-4920-80FD-35E96A9BBB09}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{EB086670-BC77-441C-B9DD-5937E52F1CE9}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
      FirewallRules: [{CBF0246C-81AC-4EE6-8E6D-5B4E57F8C0B5}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
      FirewallRules: [{FCF86B02-D700-48E0-AFDB-11D1F248B075}] => (Block) %ProgramFiles%\Common Files\Protexis\License Service\PsiService_2.exe
      FirewallRules: [{709F90C9-C125-4CFF-8AF2-D5048EE33836}] => (Block) %ProgramFiles%\Common Files\Protexis\License Service\PsiService_2.exe

      ==================== Restore Points =========================

      13-11-2017 14:18:01 Scheduled Checkpoint
      21-11-2017 16:44:50 Scheduled Checkpoint
      30-11-2017 1009 JRT Pre-Junkware Removal

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/30/2017 11:12:35 AM) (Source: ESENT) (EventID: 489) (User: )
      Description: CCleaner64 (484) Al intentar abrir el archivo "C:\Users\Claudio Guanes\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" para acceso de sólo lectura se produjo el error de sistema 32 (0x00000020): "El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso. ". La operación para abrir el archivo se cerrará con el error -1032 (0xfffffbf8).

      Error: (11/30/2017 1024 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

      System Error:
      Access is denied.
      .

      Error: (11/30/2017 09:22:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHORIXLUI)
      Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (11/29/2017 11:45:24 AM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.0.0.1247, marca de tiempo: 0x59f37829
      Nombre del módulo con errores: Qt5Core.dll, versión: 5.6.2.0, marca de tiempo: 0x59a63e00
      Código de excepción: 0xc0000005
      Desplazamiento de errores: 0x0018de83
      Identificador del proceso con errores: 0x550
      Hora de inicio de la aplicación con errores: 0x01d36920aeacb49a
      Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
      Identificador del informe: 20903eb8-3a86-48f0-9ab1-e2fdebce8ac4
      Nombre completo del paquete con errores:
      Identificador de aplicación relativa del paquete con errores:

      Error: (11/29/2017 11:18:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHORIXLUI)
      Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (11/28/2017 04:37:42 PM) (Source: VSS) (EventID: 8193) (User: )
      Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, The handle is invalid.
      .


      Operation:
      Executing Asynchronous Operation

      Context:
      Current State: DoSnapshotSet

      Error: (11/28/2017 04:36:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
      Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

      Details:
      AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

      System Error:
      Access is denied.
      .

      Error: (11/27/2017 04:15:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHORIXLUI)
      Description: No se pudo activar la aplicación Microsoft.Windows.Photos_8wekyb3d8bbwe!App debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.

      Error: (11/27/2017 04:15:22 PM) (Source: Application Error) (EventID: 1000) (User: )
      Description: Nombre de la aplicación con errores: Microsoft.Photos.exe, versión: 2017.35063.13610.0, marca de tiempo: 0x59791f6e
      Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.14393.1378, marca de tiempo: 0x594a17be
      Código de excepción: 0xc000027b
      Desplazamiento de errores: 0x0000000000538d40
      Identificador del proceso con errores: 0x1554
      Hora de inicio de la aplicación con errores: 0x01d367b412451381
      Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
      Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
      Identificador del informe: faa4bf61-fb25-4d72-ab1c-48401183ac9c
      Nombre completo del paquete con errores: Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe
      Identificador de aplicación relativa del paquete con errores: App

      Error: (11/27/2017 01:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CHORIXLUI)
      Description: No se pudo activar la aplicación Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App debido al error: -2144927141. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.


      System errors:
      =============
      Error: (11/30/2017 01:21:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (11/30/2017 10:30:29 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
      Description: La DLL de notificación de contraseña "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" no se pudo cargar y dio el error 126. Compruebe que la ruta de acceso de la DLL de notificación definida en el registro, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, haga referencia a una ruta de acceso correcta y absoluta (<unidad>:\<ruta de acceso>\<nombre de archivo>.<ext>) y no a una ruta de acceso relativa o no válida. Si la ruta de acceso de la DLL es correcta, valide que los archivos auxiliares se encuentren en el mismo directorio, y que la cuenta del sistema tenga acceso de lectura tanto en la ruta de acceso de la DLL, como en los archivos auxiliares. Póngase en contacto con el proveedor de la DLL de notificación para obtener soporte adicional. Si desea obtener más detalles visite http://go.microsoft.com/fwlink/?LinkId=245898.

      Error: (11/30/2017 10:30:29 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
      Description: La DLL de notificación de contraseña C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll no se pudo cargar y dio el error 126. Compruebe que la ruta de acceso de la DLL de notificación definida en el registro, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, haga referencia a una ruta de acceso correcta y absoluta (<unidad>:\<ruta de acceso>\<nombre de archivo>.<ext>) y no a una ruta de acceso relativa o no válida. Si la ruta de acceso de la DLL es correcta, valide que los archivos auxiliares se encuentren en el mismo directorio, y que la cuenta del sistema tenga acceso de lectura tanto en la ruta de acceso de la DLL, como en los archivos auxiliares. Póngase en contacto con el proveedor de la DLL de notificación para obtener soporte adicional. Si desea obtener más detalles visite http://go.microsoft.com/fwlink/?LinkId=245898.

      Error: (11/30/2017 10:29:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: La configuración de permisos application-specific no concede el permiso Activation Local para la aplicación de servidor COM con CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      y APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (Using LRPC) que se ejecuta en el contenedor de aplicaciones con SID Unavailable (Unavailable). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

      Error: (11/30/2017 10:28:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Intel Security True Key terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Restart the service.

      Error: (11/30/2017 10:28:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Restart the service.

      Error: (11/30/2017 10:28:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: El servicio Intel Security True Key Scheduler terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1667855986 milisegundos: Restart the service.

      Error: (11/30/2017 10:28:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Update service se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (11/30/2017 10:28:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
      Description: El servicio Corel License Validation Service V2 x64, Powered by arvato se terminó de manera inesperada. Esto ha sucedido 1 veces.

      Error: (11/30/2017 09:22:30 AM) (Source: DCOM) (EventID: 10010) (User: CHORIXLUI)
      Description: El servidor App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.


      CodeIntegrity:
      ===================================
      Date: 2017-11-29 11:45:40.161
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

      Date: 2017-02-01 16:11:27.015
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

      Date: 2017-02-01 16:11:25.772
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-12-14 17:17:39.499
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

      Date: 2016-12-14 17:17:39.191
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
      Percentage of memory in use: 59%
      Total physical RAM: 3894.84 MB
      Available physical RAM: 1558.69 MB
      Total Virtual: 4726.84 MB
      Available Virtual: 1920.33 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:465.19 GB) (Free:233.56 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 31AC024B)
      Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
      Partition 3: (Not Active) - (Size=482 MB) - (Type=27)

      ==================== End of Addition.txt ============================

    2. #12
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.354

      Re: Limpieza de una notebook de un amigo

      Hola

      Sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

      • Para hacerlo descarga >> DelFix en tu escritorio.
        • Doble clic para ejecutarlo.(Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
        • Marca unicamente la casilla "Create registry backup".
      • Pulsar en Run.

        Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


      A continuación inicia tu equipo desde el >> Modo Seguro de Windows con función de red.

      Si tu SO es Windows 8/8.1/10 usa el 2º MÉTODO: de esta Faq de Windows 8 (aplicable a Windows 10) >> ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.


      Con los demás programas cerrados ve a >> Inicio >> Ejecutar >> y escribe notepad.exe.

      Ahora copia y pega estos archivos dentro del Notepad: (Se excluye la palabra código)

      Código:
      Start
      CreateRestorePoint:
      CloseProcesses:
      
      HKLM-x32\...\Run: [] => [X]
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\MountPoints2: {f6c6558d-84c3-11e6-bd6b-00266c3fd83d} - "G:\startme.exe" 
      FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
      FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
      CHR HomePage: Default -> hxxp://rts.dsrlte.com
      CHR Extension: (Presentaciones) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
      CHR Extension: (Documentos) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
      CHR Extension: (Quick Maps) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-03-09]
      CHR Extension: (WhatsChrome) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-03-19]
      CHR Extension: (Tampermonkey) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-20]
      CHR Extension: (Polarr Photo Editor) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-11-28]
      CHR Extension: (Google Play Música) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-11-24]
      CHR Extension: (EZbrowsing Search) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn [2017-11-30]
      CHR Extension: (Super Browse for Netflix) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejponamigpndjgdmnpelkohnbpancjf [2017-11-07]
      CHR Extension: (InternetSpeedTracker) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2017-11-30]
      CHR Extension: (Chrome Media Router) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
      CHR HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
      S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
      S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
      S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
      S3 huawei_wwanecm; \SystemRoot\System32\drivers\ew_juwwanecm.sys [X]
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Deezer Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=paccflbfblppaoidibhflahkogodngie
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Facebook App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dihbebhmaoagdpbcnfedokpfkkgmmpgc
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PictaCast for Chromecast® - Trial.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ekgaebaencakkggokbokmgojdbafnefi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WhatsChrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bgkodfmeijboinjdegggmkbkjfiagaan
      AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [338] 
      
      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

      Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

      ATENCION!!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

      • Ejecutas Frst.exe.
      • Presionas el botón Fix y aguardas a que termine.
      • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
      • Lo pegas en tu próxima respuesta.


      Pon el reporte y comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #13
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      Buenas tardes Daniela ya tengo el log lo voy a adjuntar ahora

      Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2017
      Ran by Claudio Guanes (04-12-2017 11:23:57) Run:1
      Running from C:\Users\Claudio Guanes\Desktop
      Loaded Profiles: Claudio Guanes (Available Profiles: Claudio Guanes)
      Boot Mode: Safe Mode (with Networking)
      ==============================================

      fixlist content:
      *****************
      Start
      CreateRestorePoint:
      CloseProcesses:

      HKLM-x32\...\Run: [] => [X]
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\...\MountPoints2: {f6c6558d-84c3-11e6-bd6b-00266c3fd83d} - "G:\startme.exe"
      FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
      FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
      CHR HomePage: Default -> hxxp://rts.dsrlte.com
      CHR Extension: (Presentaciones) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
      CHR Extension: (Documentos) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
      CHR Extension: (Quick Maps) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-03-09]
      CHR Extension: (WhatsChrome) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-03-19]
      CHR Extension: (Tampermonkey) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-20]
      CHR Extension: (Polarr Photo Editor) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-11-28]
      CHR Extension: (Google Play M�sica) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-11-24]
      CHR Extension: (EZbrowsing Search) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn [2017-11-30]
      CHR Extension: (Super Browse for Netflix) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejponamigpndjgdmnpelkohnbpancjf [2017-11-07]
      CHR Extension: (InternetSpeedTracker) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2017-11-30]
      CHR Extension: (Chrome Media Router) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
      CHR HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
      S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
      S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
      S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
      S3 huawei_wwanecm; \SystemRoot\System32\drivers\ew_juwwanecm.sys [X]
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Deezer Shortcut.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=paccflbfblppaoidibhflahkogodngie
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Facebook App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=dihbebhmaoagdpbcnfedokpfkkgmmpgc
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PictaCast for Chromecast� - Trial.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=ekgaebaencakkggokbokmgojdbafnefi
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=djonnbgfieijldcieafgjcnhmpcfpmgg
      ShortcutWithArgument: C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WhatsChrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bgkodfmeijboinjdegggmkbkjfiagaan
      AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 [338]

      CMD: ipconfig /flushdns
      CMD: ipconfig /renew
      CMD: bitsadmin /reset /allusers
      RemoveProxy:
      EmptyTemp:
      Hosts:
      end
      *****************

      Error: Restore point can only be created in normal mode.
      Processes closed successfully.
      HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6c6558d-84c3-11e6-bd6b-00266c3fd83d} => key removed successfully
      HKLM\Software\Classes\CLSID\{f6c6558d-84c3-11e6-bd6b-00266c3fd83d} => key not found
      HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/FlashPlayer => key removed successfully
      C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => not found.
      HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/vlc => key removed successfully
      C:\Users\Claudio Guanes\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.
      Chrome HomePage => removed successfully
      CHR Extension: (Presentaciones) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] => Error: No automatic fix found for this entry.
      CHR Extension: (Documentos) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] => Error: No automatic fix found for this entry.
      CHR Extension: (Quick Maps) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-03-09] => Error: No automatic fix found for this entry.
      CHR Extension: (WhatsChrome) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-03-19] => Error: No automatic fix found for this entry.
      CHR Extension: (Tampermonkey) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-20] => Error: No automatic fix found for this entry.
      CHR Extension: (Polarr Photo Editor) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2017-11-28] => Error: No automatic fix found for this entry.
      CHR Extension: (Google Play M�sica) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2017-11-24] => Error: No automatic fix found for this entry.
      CHR Extension: (EZbrowsing Search) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddliihhbcncedkejmfceijfbpoieggn [2017-11-30] => Error: No automatic fix found for this entry.
      CHR Extension: (Super Browse for Netflix) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejponamigpndjgdmnpelkohnbpancjf [2017-11-07] => Error: No automatic fix found for this entry.
      CHR Extension: (InternetSpeedTracker) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohoehgoafblafjinhplmhcbphgaaobc [2017-11-30] => Error: No automatic fix found for this entry.
      CHR Extension: (Chrome Media Router) - C:\Users\Claudio Guanes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17] => Error: No automatic fix found for this entry.
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => key removed successfully
      HKLM\System\CurrentControlSet\Services\ew_usbenumfilter => key removed successfully
      ew_usbenumfilter => service removed successfully
      HKLM\System\CurrentControlSet\Services\huawei_cdcacm => key removed successfully
      huawei_cdcacm => service removed successfully
      HKLM\System\CurrentControlSet\Services\huawei_enumerator => key removed successfully
      huawei_enumerator => service removed successfully
      HKLM\System\CurrentControlSet\Services\huawei_ext_ctrl => key removed successfully
      huawei_ext_ctrl => service removed successfully
      HKLM\System\CurrentControlSet\Services\huawei_wwanecm => key removed successfully
      huawei_wwanecm => service removed successfully
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Deezer Shortcut.lnk => Shortcut argument removed successfully
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Facebook App Launcher.lnk => Shortcut argument removed successfully
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk => Shortcut argument removed successfully
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\PictaCast for Chromecast� - Trial.lnk => not found.
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polarr Photo Editor.lnk => Shortcut argument removed successfully
      C:\Users\Claudio Guanes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\WhatsChrome.lnk => Shortcut argument removed successfully
      C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully

      ========= ipconfig /flushdns =========


      Configuraci¢n IP de Windows

      Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

      ========= End of CMD: =========


      ========= ipconfig /renew =========


      Configuraci¢n IP de Windows

      No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
      est‚n desconectados.
      Error al renovar la interfaz Hamachi: no se puede establecer contacto con el
      servidor DHCP. La solicitud super¢ el tiempo de espera.
      No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
      est‚n desconectados.
      No se puede realizar ninguna operaci¢n en Local Area Connection* 11 mientras los medios
      est‚n desconectados.

      ========= End of CMD: =========


      ========= bitsadmin /reset /allusers =========


      BITSADMIN version 3.0
      BITS administration utility.
      (C) Copyright 2000-2006 Microsoft Corp.

      BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
      Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

      Unable to connect to BITS - 0x8007043c

      ========= End of CMD: =========


      ========= RemoveProxy: =========

      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
      HKU\S-1-5-21-3944762021-2492775799-415220738-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


      ========= End of RemoveProxy: =========

      C:\Windows\System32\Drivers\etc\hosts => moved successfully
      Hosts restored successfully.

      =========== EmptyTemp: ==========

      BITS transfer queue => 0 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 173103453 B
      Java, Flash, Steam htmlcache => 291 B
      Windows/system/drivers => 1454565 B
      Edge => 131870 B
      Chrome => 24259207 B
      Firefox => 8006543 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Users => 0 B
      ProgramData => 0 B
      Public => 0 B
      systemprofile => 128 B
      systemprofile32 => 128 B
      LocalService => 0 B
      NetworkService => 6082978 B
      Claudio Guanes => 41086369 B

      RecycleBin => 5403 B
      EmptyTemp: => 242.4 MB temporary data Removed.

      ================================


      The system needed a reboot.

      ==== End of Fixlog 11:26:41 ====

    4. #14
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.354

      Re: Limpieza de una notebook de un amigo

      Hola

      Como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #15
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      Buen dia Daniela ahora recién estoy teniendo acceso a la notebook de mi amigo en la que estamos trabajando juntos y realmente esta mejor solo que tiene dos cositas que tarda un poquito mas que antes en arrancar y encontré una carpeta en el escritorio una carpeta que no puedo borrar, pero esta muy bien realmente supongo ya que sacamos muchisimas cosas que no deberían de estar ahi como el KMSpico que se utiliza para activar el windows que en realidad no hacia falta ya que su licencia es original y ya no me sale ningún mensaje de ese programa ahora, y disculpa la tardanza en responder estaba trabajando fuera de la oficina y no pude tener acceso a la PC.

    6. #16
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      Buenas Daniela cuando quieras podemos continuar con el trabajo por si hay algo mas que hacer en la limpieza de esta notebook de mi amigo, toda la tarde hasta comienzos de la noche estaré con la notebook a mi disposición.

    7. #17
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.354

      Re: Limpieza de una notebook de un amigo

      Hola

      Ya puedes perdonar, no me llegó aviso de tu respuesta

      La carpeta que no puedes borrar, tiene nombre y algo dentro de ella? Después de realizar los paso intenta borrarla en modo seguro.

      Realiza los siguientes pasos en Modo Seguro

      1.- Descarga, instala y/o actualiza , pero no ejecutes aún, las siguientes herramientas :



      2.- Ejecuta una por una y en el siguiente orden :

      a) CCleaner

      • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador
      • clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad
      • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.


      b) Argente-Registry Cleaner.

      • Lo instalas como indica el Manual
      • Lo ejecutas y presionas Iniciar Análisis
      • Cuando termine el análisis presionas Reparar errores seleccionados.


      c) Glary Utilities.

      • Instalas y actualizas (Pestaña Estado)
      • En su pestaña Mantenimiento 1-Clic presionas Ver Resultados
      • Cuando termine el escaneo presionas Reparar Problemas
      • Presiona para utilizar Limpiador de Disco


      Ejecutas estas tres herramientas varias veces, una por una y en el mismo orden, hasta que veas que no te encuentran prácticamente ningún error.

      3) Descarga Defraggler.

      Con el desfragmentador haces lo mismo pásalo varias veces hasta que veas que te indica que prácticamente no queda espacio fragmentado.

      Comenta como sigue el problema.

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    8. #18
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      El problema persiste y sigo sin poder borrar la carpeta que contiene un archivo y la carpeta pesa 0 bytes y ese archivo contenido ahi no se de que se trata Daniela y ya realize los procedimientos que dijiste en el orden.

    9. #19
      Moderadora Gral.
      Avatar de @Daniela
      Registrado
      abr 2011
      Ubicación
      España
      Mensajes
      24.354

      Re: Limpieza de una notebook de un amigo

      Hola

      Haz una captura de pantalla de la carpeta y la pones en tu próxima respuesta.

      ¿Cómo subir imágenes al Foro? *TUTORIAL*

      Un saludo
      ✿◕‿◕✿ La impaciencia no es buena compañía ✿◕‿◕✿

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #20
      Usuario Avatar de the rev
      Registrado
      dic 2016
      Ubicación
      Paraguay
      Mensajes
      63

      Re: Limpieza de una notebook de un amigo

      Buenas Daniela adjunto captura