¿Publicidad o virus?

Hola, qué tal.

Desde hace un par de días, cuando estoy navegando por internet (da igual que sea abriendo pestañas o leyendo una ya abierta), la página en cuestión salta a una página publicitaria de Vodafone. Pero es un poco extraña, bastante básica, incluso dudo que sea de Vodafone de verdad. Y la página en cuestión no me deja volver a atrás. Tengo que cerrarla y volver a abrir donde estaba.

Pero hoy, además de pasarme eso un par de veces, en cierto momento se ha puesto toda la pantalla azul, con un mensaje de “se ha producido un error, estamos recopilando datos antes de reiniciar”, una carita triste “:(”, un código QR y una cuenta del porcentaje en aumento.

No sabía qué hacer y he hecho un apagado a lo bruto, manteniendo pulsado el botón unos cuantos segundos hasta que se ha apagado el ordenador. Al cabo de un rato lo he encendido y aquí estoy contándolo.

El caso es que desde ayer llevo pasando todos los antivirus que conozco y ninguno detecta nada. Malwarebytes antirootkit, adwcleaner, malwarebytes antimalware, ESET online scan, KVRT, AVAST, Panda, Housecall Trendmicro…

¿Qué puede ser y qué puedo hacer?

Muchas gracias por vuestra atención y vuestros consejos.

Hola @Kinui

Por favor, pon los informes de Malwarebytes Antimalware y AdwCleaner, aunque NO hayan tenido infecciones, gracias.

Saludos.

1 me gusta

Ok, me pongo a ello. Gracias.

Por cierto, no sé si estará relacionado, pero al ir a arrancar ahora, se me ha quedado en la página de Megatrends con el mensaje de que ha fallado el overclocking y que presionase F1 (creo) para acceder a la configuración. Lo he “solucionado” como todo, apagando y volviendo a encender… :sweat:

Me pongo con tus instrucciones, gracias.

1 me gusta

Eso que comentas NO tiene nada que ver con el otro problema que planteaste inicialmente, y en cualquier caso sería un problema distinto al inicial. :roll_eyes:

Lo que te pedí únicamente eran los informes que YA deberías tener generados al usar las dos herramientas, NO quiero que repitas de nuevo el/los análisis.

Saludos.

Vaya, lo siento. No sé dónde estarán esos informes y por eso pensé en pasarlos de nuevo.

@Kinui, Si revisas los manuales que tenemos en el FORO de esas dos herramientas podrás ver dónde y cómo localizar esos informes.

:arrow_right: Manual de Malwarebytes Anti-Malware

:arrow_right: Manual de AdwCleaner

Saludos.

1 me gusta

Ok, muchas gracias.

Tengo los informes nuevos y los pego a continuación. Por favor, si prefieres alguno anterior, no dudes en decírmelo. Gracias de nuevo por tu interés.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 3/8/19
Hora del análisis: 13:38
Archivo de registro: 39163966-b5e3-11e9-8600-d017c2d01bd7.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11844
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.885)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-808CCCP\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 634251
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 26 min, 48 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)


# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-02.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-03-2019
# Duration: 00:00:10
# OS:       Windows 10 Home
# Scanned:  35815
# Detected: 22


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.HPDigitalImaging   
Preinstalled.HPSupportAssistant 


AdwCleaner[S00].txt - [1646 octets] - [30/12/2018 15:41:44]
AdwCleaner[C00].txt - [1738 octets] - [30/12/2018 15:41:56]
AdwCleaner[S01].txt - [1372 octets] - [03/01/2019 14:46:33]
AdwCleaner_Debug.log - [178288 octets] - [03/01/2019 14:49:21]
AdwCleaner[C01].txt - [1648 octets] - [03/01/2019 14:49:30]
AdwCleaner[S02].txt - [1557 octets] - [03/01/2019 14:51:33]
AdwCleaner[S03].txt - [1618 octets] - [16/01/2019 20:26:18]
AdwCleaner[S04].txt - [1679 octets] - [30/01/2019 19:32:29]
AdwCleaner[S05].txt - [1740 octets] - [31/01/2019 21:52:52]
AdwCleaner[S06].txt - [1801 octets] - [23/02/2019 15:54:37]
AdwCleaner[S07].txt - [1862 octets] - [31/03/2019 00:56:20]
AdwCleaner[C07].txt - [2076 octets] - [31/03/2019 00:56:56]
AdwCleaner[S08].txt - [2043 octets] - [05/05/2019 00:44:03]
AdwCleaner[C08].txt - [2237 octets] - [05/05/2019 00:44:15]
AdwCleaner[S09].txt - [2107 octets] - [05/05/2019 00:49:06]
AdwCleaner[S10].txt - [2168 octets] - [05/05/2019 22:24:26]
AdwCleaner[S11].txt - [2229 octets] - [09/05/2019 13:55:45]
AdwCleaner[S12].txt - [2290 octets] - [13/05/2019 14:29:51]
AdwCleaner[S13].txt - [2351 octets] - [15/05/2019 13:39:32]
AdwCleaner[S14].txt - [2524 octets] - [03/08/2019 12:10:36]
AdwCleaner[S15].txt - [2585 octets] - [03/08/2019 16:45:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S16].txt ##########

Perfecto… y ahora realiza estos pasos :

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:)

:two: Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

1 me gusta

Ok, gracias.

Aquí están los resultados:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-08-2019
Ran by Usuario (administrator) on DESKTOP-808CCCP (03-08-2019 17:36:49)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) C:\Windows\V0770Mon.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(RealNetworks, Inc. -> ) F:\RealDownloader\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) F:\RealDownloader\realdownloader264.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) F:\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) F:\Update\realsched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [V0770Mon.exe] => C:\WINDOWS\V0770Mon.exe [41600 2015-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
HKLM-x32\...\Run: [HP Software Update] => F:\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-30] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [TkBellExe] => F:\update\realsched.exe [352648 2017-06-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => F:\RealDownloader\downloader2.exe [1297648 2017-06-02] (RealNetworks, Inc. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> )
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [1996008 2019-05-13] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.101\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> F:\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2017-06-17]
ShortcutTarget: RealTimes.lnk -> F:\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-07-28]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Usuario\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FCA1CD9-00A9-4189-8641-A1C9D12D45D6} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {10C82761-B45E-43D1-B160-2E3887F211DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {1112EC4B-D245-4810-980D-EFC5E6BA4312} - System32\Tasks\Norton Security Scan => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exe [486480 2017-12-26] (Symantec Corporation -> Symantec Corporation)
Task: {11AD4AFA-9C29-447F-8241-B5BCB9927175} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808504 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {15162A4E-DA5A-4E0A-9C66-2EFA0F2F05B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {1F543812-2F43-4768-B550-6A2AE5CF8673} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-29] (Google Inc -> Google Inc.)
Task: {2B2D1F4A-B9A6-4FE6-A330-6C4A7201C7CF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2047368 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {2E00EB91-2640-4C82-9907-839CB7B55EB6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {4802F989-D574-450D-BC80-1CCBE43EB7AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A7DFCBF-2531-403D-938E-497806862706} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-10] (Adobe Inc. -> Adobe)
Task: {5AC340EF-5B4F-4751-836D-88335BED8770} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {74945891-C1DE-4B69-8E58-2B776ABFA3F7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-10] (Adobe Inc. -> Adobe)
Task: {7CBA2707-CAB2-4874-BEA6-C83AD8AC2750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8A5F86C4-5BBF-42BC-A578-57E6CFCC60D4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {8BF0AE66-AB5A-4FB7-99A7-E6E875292361} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-29] (Google Inc -> Google Inc.)
Task: {A08F9EE5-6401-485D-A971-50DC9D4331D9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {AA409361-5825-4C23-8153-EDF963D22FB4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB9CFA40-833E-41DD-A7BE-DE62046B243D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C3E2DA43-B814-4B73-8243-3420C3F89D95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D4EFBFAA-CAD9-464D-84FB-2FC45304088D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {D7E3B73C-7D02-4CC7-9373-BDA0CCA36CAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA8F904A-3792-4639-AED2-12EFF1A87305} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-10] (Adobe Inc. -> Adobe)
Task: {E34090F2-11AA-4194-9C23-4612EDBDDF91} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2880194073-616569380-2500398765-1001 => F:\RealDownloader\realupgrade.exe [135560 2017-06-02] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E4D66A43-AE7C-4C76-824B-2BE9D8CF18F5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2880194073-616569380-2500398765-1001 => F:\RealDownloader\realupgrade.exe [135560 2017-06-02] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E788DC9F-D38E-4660-89C6-C20913FA079F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\PTK-Scheduler-Norton Security Scan.job => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exeÆaction=run fmui C:\Program Files\Norton Security Scan\Branding\Config.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.81.16.148 62.81.16.213
Tcpip\..\Interfaces\{a76ef44e-9bf8-4825-bc49-eb7296071b0a}: [DhcpNameServer] 62.81.16.148 62.81.16.213

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.es/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> F:\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2017-06-02] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> F:\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2017-06-02] (RealNetworks, Inc. -> RealDownloader)

FireFox:
========
FF DefaultProfile: 7yczk5a0.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\7yczk5a0.default [2019-08-03]
FF Homepage: Mozilla\Firefox\Profiles\7yczk5a0.default -> hxxps://www.google.es/
FF Extension: (Print Edit WE) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\7yczk5a0.default\Extensions\[email protected] [2019-07-10]
FF Extension: (Print Edit) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\7yczk5a0.default\Extensions\[email protected] [2018-05-15] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\7yczk5a0.default\Extensions\[email protected] [2019-07-20]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\7yczk5a0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-05-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-10] (Adobe Inc. -> )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @real.com/nppl3260;version=18.1.8.212 -> F:\Netscape6\nppl3260.dll [2017-06-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.8.212 -> F:\Netscape6\nprpplugin.dll [2017-06-17] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-08-03]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-25]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-25]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-29]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-14]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-05-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-14]
CHR HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.101\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (FUTUREMARK INC -> Futuremark)
R3 hpqcxs08; F:\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-09-20] (Hewlett Packard -> Hewlett-Packard Co.)
R2 hpqddsvc; F:\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett Packard -> Hewlett-Packard Co.)
R2 HPSLPSVC; F:\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [357240 2019-07-05] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RealPlayerUpdateSvc; F:\UpdateService\RealPlayerUpdateSvc.exe [36640 2017-06-02] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; F:\RPDS\Bin\rpdsvc.exe [988944 2017-06-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209256 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263224 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206056 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61688 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279336 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42504 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168896 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477288 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225816 2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387896 2019-07-27] (AVAST Software s.r.o. -> AVAST Software)
R3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [53024 2015-07-10] (Broadcom Corporation -> Broadcom Corporation.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [51712 2009-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 kmloop; C:\WINDOWS\System32\drivers\loop.sys [16896 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek Semiconductor Corp -> Realtek )
R3 V0770Vid; C:\WINDOWS\system32\DRIVERS\V0770Vid.sys [388616 2015-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
S0 D22DF066; system32\drivers\D22DF066.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-03 17:31 - 2019-08-03 17:31 - 000059398 _____ C:\Users\Usuario\Desktop\Addition.txt
2019-08-03 17:30 - 2019-08-03 17:37 - 000027756 _____ C:\Users\Usuario\Desktop\FRST.txt
2019-08-03 17:30 - 2019-08-03 17:36 - 000000000 ____D C:\FRST
2019-08-03 17:25 - 2019-08-03 17:29 - 002096128 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2019-08-03 12:28 - 2019-08-03 12:28 - 000000000 ____D C:\WINDOWS\Minidump
2019-08-03 12:28 - 2019-08-03 12:28 - 000000000 _____ C:\WINDOWS\Minidump\080319-4250-01.dmp
2019-08-03 12:10 - 2019-08-03 12:10 - 007623880 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_7.4.exe
2019-08-03 11:34 - 2019-08-03 11:34 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\775425B6.sys
2019-08-02 15:53 - 2019-08-02 16:39 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp
2019-08-02 15:53 - 2019-08-02 15:53 - 149055408 _____ (WhatsApp) C:\Users\Usuario\Desktop\WhatsAppSetup.exe
2019-08-02 15:53 - 2019-08-02 15:53 - 000002252 _____ C:\Users\Usuario\Desktop\WhatsApp.lnk
2019-08-02 15:53 - 2019-08-02 15:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-08-02 15:53 - 2019-08-02 15:53 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp
2019-08-02 15:53 - 2019-08-02 15:53 - 000000000 ____D C:\Users\Usuario\AppData\Local\SquirrelTemp
2019-08-01 12:06 - 2019-08-01 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-30 14:19 - 2019-07-30 14:19 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-29 20:36 - 2019-07-29 20:36 - 165906728 _____ (AO Kaspersky Lab) C:\Users\Usuario\Desktop\KVRT(1).exe
2019-07-29 20:02 - 2019-07-29 20:02 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1761F65E.sys
2019-07-28 19:37 - 2019-07-28 19:37 - 000000000 ___RD C:\Users\Usuario\Documents\MEGAsync
2019-07-28 19:36 - 2019-07-28 19:36 - 000001176 _____ C:\Users\Usuario\Desktop\MEGAsync.lnk
2019-07-28 19:36 - 2019-07-28 19:36 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-07-28 19:36 - 2019-07-28 19:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\MEGAsync
2019-07-28 19:36 - 2019-07-28 19:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\Mega Limited
2019-07-28 19:35 - 2019-07-28 19:36 - 031126320 _____ (MEGA Limited) C:\Users\Usuario\Desktop\MEGAsyncSetup.exe
2019-07-24 20:01 - 2019-07-24 20:01 - 000438900 _____ C:\Users\Usuario\Desktop\ES_180210.pdf
2019-07-20 20:36 - 2019-07-20 20:36 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\5DFFD27B.sys
2019-07-17 13:35 - 2019-07-17 13:35 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Google
2019-07-11 14:00 - 2019-07-11 14:00 - 000157633 _____ C:\Users\Usuario\Desktop\auto_car_vintage_garage_citroen_ds_oldtimer_dunkel-961152 (1).jpg!d
2019-07-11 13:59 - 2019-07-11 13:59 - 000157633 _____ C:\Users\Usuario\Desktop\auto_car_vintage_garage_citroen_ds_oldtimer_dunkel-961152.jpg!d
2019-07-10 00:03 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 00:03 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 00:03 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 00:03 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 00:03 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 00:03 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 00:03 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 00:03 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 00:03 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 00:03 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 00:03 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 00:03 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 00:03 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 00:03 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 00:03 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 00:03 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 00:03 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 00:03 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 00:03 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 00:03 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 00:03 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 00:03 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 00:03 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 00:03 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 00:03 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 00:03 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 00:03 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 00:03 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 00:03 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 00:03 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 00:03 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 00:03 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 00:03 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 00:03 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 00:03 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 00:03 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 00:03 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 00:03 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 00:03 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 00:03 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 00:03 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 00:03 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 00:03 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 00:03 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 00:03 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 00:03 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 00:03 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 00:03 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 00:03 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 00:03 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 00:03 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 00:03 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 00:03 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 00:03 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 00:03 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 00:03 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 00:03 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 00:03 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 00:03 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 00:03 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 00:03 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 00:03 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 00:03 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 00:03 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 00:03 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 00:03 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 00:03 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 00:03 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 00:03 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 00:03 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 00:03 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 00:03 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 00:03 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 00:03 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 00:03 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 00:03 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 00:03 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 00:03 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 00:03 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 00:03 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 00:03 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 00:03 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 00:03 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 00:03 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 00:03 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 00:03 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 00:03 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 00:03 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 00:03 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 00:03 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 00:03 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 00:03 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 00:03 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 00:03 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 00:03 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 00:03 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 00:03 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 00:03 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 00:03 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 00:03 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 00:03 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 00:03 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 00:03 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 00:03 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 00:03 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 00:03 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 00:03 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 00:03 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 00:03 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 00:03 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 00:03 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 00:03 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 00:03 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 00:03 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 00:03 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 00:03 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 00:03 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 00:03 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 00:03 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 00:03 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 00:03 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 00:03 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 00:03 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 00:03 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 00:03 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 00:03 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 00:03 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 00:03 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 00:03 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 00:03 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 00:03 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 00:03 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 00:03 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 00:03 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 00:03 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 00:03 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 00:03 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 00:03 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 00:03 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 00:03 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 00:03 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 00:03 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 00:03 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 00:03 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 00:03 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 00:03 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 00:03 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 00:03 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 00:03 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 00:03 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 00:03 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 00:03 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 00:03 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 00:03 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 00:03 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 00:03 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 00:03 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 00:03 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 00:03 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 00:03 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 00:03 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 00:03 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 00:03 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 00:03 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 00:03 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 00:03 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 00:03 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 00:03 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 00:03 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 00:03 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 00:03 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 00:03 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 00:03 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 00:03 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 00:03 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 00:03 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 00:03 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 00:03 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 00:03 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 00:03 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 00:03 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 00:03 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 00:03 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 00:03 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 00:03 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 00:03 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 00:03 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 00:03 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 00:03 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 00:03 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 00:03 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 00:03 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 00:03 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 00:03 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-03 17:28 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-03 17:26 - 2018-06-02 11:35 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2019-08-03 17:20 - 2019-05-05 12:10 - 000003746 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-03 17:20 - 2019-05-05 11:13 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-08-03 17:20 - 2019-04-28 19:19 - 000003738 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-08-03 17:20 - 2019-04-28 19:19 - 000003412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-08-03 17:20 - 2019-04-28 19:19 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-03 17:20 - 2019-04-28 19:19 - 000002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-08-03 17:20 - 2019-04-05 13:38 - 000002588 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2880194073-616569380-2500398765-1001
2019-08-03 17:20 - 2019-04-05 13:38 - 000002482 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2880194073-616569380-2500398765-1001
2019-08-03 17:20 - 2019-03-30 22:09 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-03 17:20 - 2019-03-28 18:05 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-03 17:20 - 2019-03-28 18:05 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-03 17:01 - 2018-06-02 11:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-08-03 16:44 - 2018-05-15 02:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-03 14:00 - 2016-11-19 19:57 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2019-08-03 13:58 - 2019-05-05 22:12 - 000000000 ____D C:\Users\Usuario\Desktop\mbar
2019-08-03 13:58 - 2019-05-05 11:18 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2019-08-03 13:04 - 2018-01-02 12:03 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2019-08-03 13:03 - 2018-04-30 18:51 - 000000000 ___RD C:\Users\Usuario\Google Drive
2019-08-03 12:46 - 2018-05-15 02:05 - 000000000 ____D C:\Users\Usuario
2019-08-03 12:46 - 2016-09-22 08:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-03 12:36 - 2018-05-15 02:11 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-03 12:36 - 2018-04-12 18:18 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-03 12:36 - 2018-04-12 18:18 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-03 12:36 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-03 12:28 - 2018-05-15 02:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-03 12:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-03 12:09 - 2018-12-19 15:30 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-08-02 20:24 - 2018-11-16 11:59 - 000000000 ____D C:\Program Files\rempl
2019-08-02 10:46 - 2018-08-09 22:09 - 000000000 ____D C:\Users\Usuario\Desktop\iGP Manager
2019-08-02 10:35 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-02 09:20 - 2019-03-20 00:36 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-08-01 12:06 - 2016-09-24 00:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-31 18:13 - 2018-09-30 16:52 - 000000000 ____D C:\Users\Usuario\Desktop\Música
2019-07-31 17:20 - 2019-06-27 13:04 - 000168896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-07-31 17:20 - 2018-12-18 00:44 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-07-30 22:16 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-27 16:29 - 2018-03-04 17:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-27 16:26 - 2018-12-18 00:44 - 000387896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-07-24 18:57 - 2019-06-27 13:08 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-07-24 18:57 - 2019-06-27 13:08 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-07-24 18:57 - 2019-06-27 13:08 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-24 18:57 - 2019-06-27 13:08 - 000002461 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-07-16 00:04 - 2017-04-29 12:24 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 00:04 - 2017-04-29 12:24 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-14 18:20 - 2017-01-18 15:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\ESET
2019-07-10 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-10 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-10 21:50 - 2018-04-30 18:48 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-07-10 21:50 - 2018-04-30 18:48 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-07-10 21:50 - 2018-04-30 18:48 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-07-10 21:50 - 2018-04-30 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-10 21:48 - 2017-01-16 14:06 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2019-07-10 21:46 - 2018-05-15 02:04 - 000569232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 21:46 - 2017-10-15 12:32 - 000000000 ___RD C:\Users\Usuario\3D Objects
2019-07-10 21:46 - 2016-07-27 14:57 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 00:24 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 00:24 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 00:05 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 00:03 - 2016-08-23 15:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 00:01 - 2016-08-23 15:27 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-09 23:58 - 2016-08-16 13:26 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories ================

2016-11-05 14:52 - 2019-06-27 17:57 - 000116871 _____ () C:\Users\Usuario\AppData\Local\ars.cache
2016-11-05 14:52 - 2019-06-27 17:58 - 007869441 _____ () C:\Users\Usuario\AppData\Local\census.cache
2016-11-05 12:50 - 2016-11-05 12:50 - 000000036 _____ () C:\Users\Usuario\AppData\Local\housecall.guid.cache
2016-08-23 18:54 - 2016-08-23 18:54 - 000007602 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2019-05-10 23:22 - 2019-05-11 17:46 - 000000010 _____ () C:\Users\Usuario\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-08-2019
Ran by Usuario (03-08-2019 17:37:26)
Running from C:\Users\Usuario\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-15 00:09:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2880194073-616569380-2500398765-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2880194073-616569380-2500398765-503 - Limited - Disabled)
Invitado (S-1-5-21-2880194073-616569380-2500398765-501 - Limited - Disabled)
Usuario (S-1-5-21-2880194073-616569380-2500398765-1001 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-2880194073-616569380-2500398765-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Actualización de NVIDIA 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.14.5 - NVIDIA Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
AIO_CDA_ProductContext (HKLM-x32\...\{B5985100-D968-4B0D-B13C-B0362044612D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (HKLM-x32\...\{CBB55719-C875-4C5A-A0B6-2473F77DD164}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.1.1528.101 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C3100 (HKLM-x32\...\{E601C028-B828-4CCC-BDC3-9678CEFC6965}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
c3100_Help (HKLM-x32\...\{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{2DC75672-21F1-4B3B-AB9F-DBFBC178F51D}) (Version: 3.42.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn Of War - Winter Assault (HKLM-x32\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)
DawnOfWar (HKLM-x32\...\{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ) Hidden
DawnOfWar (HKLM-x32\...\InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 78.4.119 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
FS Water Configurator 3.15 (HKLM\...\FS Water Configurator) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
Geeks3D FurMark 1.14.1 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E8FF0A82-0696-4347-B4AE-708DE306FFE9}) (Version: 12.11.27.1 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
LibreOffice 6.1.6.3 (HKLM\...\{FDD378C0-438D-4E89-A692-6D010D5AF9D0}) (Version: 6.1.6.3 - The Document Foundation)
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version:  - Creative Technology Ltd.)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{8039B69D-FD7B-453D-9B63-836D949636FD}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft OneDrive (HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{246dcb72-b18c-4ab9-9de9-8a996296b01d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 es-ES) (HKLM\...\Mozilla Firefox 67.0.4 (x64 es-ES)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.3 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.7.0.181 - Symantec Corporation)
NVIDIA Controlador de 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panel de control de NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PCMark 8 (HKLM\...\{1C105B2F-E38F-4CE4-97F7-D5F9381AC85F}) (Version: 2.7.613.0 - Futuremark) Hidden
PCMark 8 (HKLM-x32\...\{ffbe2963-bbe7-49f1-9c32-6fe7e17e5200}) (Version: 2.7.613.0 - Futuremark)
RealDownloader (HKLM-x32\...\{115CCDDD-8728-4789-983D-D041A8E02316}) (Version: 18.1.8.212 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{30f9b8e2-1723-49b3-a51a-6b1701314fd9}) (Version: 18.1.8.212 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{4602B6EE-69EC-4548-B271-94D43CAA6C6F}) (Version: 18.1.8.212 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.8 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (HKLM-x32\...\{CEF8613C-08DD-4092-9445-C3EBE9C81C37}) (Version: 18.1.8 - RealNetworks) Hidden
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\WhatsApp) (Version: 0.3.3793 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-09-24] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-21] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
PDF Conversion Suite -> C:\Program Files\WindowsApps\28131MobiDreamNet.PDFConversionSuite_2.6.1.1000_x64__1k933r27wg1xm [2018-11-01] (Tiny Smart Apps) [MS Ad]
PDF Converter Bot -> C:\Program Files\WindowsApps\16200DatassemblyResearch.PDFConverterBot_1.1.11.0_x64__pzzx47jxjmsae [2017-09-10] (Datassembly Research)
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2880194073-616569380-2500398765-1001_Classes\CLSID\{709130FE-353B-4BBF-8C88-576B912CD4C7} -> [MEGAsync] => C:\Users\Usuario\Documents\MEGAsync [2019-07-28 19:37]
CustomCLSID: HKU\S-1-5-21-2880194073-616569380-2500398765-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Usuario\Dropbox [2016-09-24 00:20]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-19] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => F:\RPDS\Bin64\rpcontextmenu.dll [2017-06-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-08-03 13:03 - 2019-08-03 13:03 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_ctypes.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_elementtree.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_hashlib.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_multiprocessing.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_psutil_windows.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_socket.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_ssl.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\_yappi.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\bz2.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\cello.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\common.time34.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\hashobjs_ext.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\PIL._imaging.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\pyexpat.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\pysqlite2._sqlite.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\pythoncom27.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\pywintypes27.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\select.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\thumbnails_ext.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\unicodedata.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\usb_ext.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32api.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32com.shell.shell.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32crypt.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32event.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32file.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32gui.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32inet.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32pdh.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32pipe.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32process.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32profile.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32security.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\win32ts.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\windows.conditional.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\windows.connectivity.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\windows.device_monitor.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\windows.volumes.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\windows.winwrap.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._controls_.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._core_.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._gdi_.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._html2.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._misc_.pyd
2019-08-03 13:03 - 2019-08-03 13:03 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wx._windows_.pyd
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] f:\hp\digital imaging\bin\hpslpsvc64.dll
2018-05-15 02:04 - 2017-10-27 18:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2018-05-15 02:04 - 2017-10-27 18:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\python27.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxbase30u_net_vc90_x64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxbase30u_vc90_x64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxmsw30u_adv_vc90_x64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxmsw30u_core_vc90_x64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxmsw30u_html_vc90_x64.dll
2019-08-03 13:03 - 2019-08-03 13:03 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI37402\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Usuario\Desktop\Document:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Usuario\Desktop\EOI:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\20681592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\D22DF066.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\20681592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\D22DF066.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-04 15:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2880194073-616569380-2500398765-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{2ddc6bd5-62d5-48c1-b2b0-3efc6c8dc94a}.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Usuario\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64"
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3D68A1F7-2B86-4289-B222-4C4C0277A464}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{7E23651B-AE45-4655-8529-EF614B869DD3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{8BA38A52-B855-4899-BDAA-5E43FE22D91C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1F8BF5D9-FC0E-4DC2-9915-510CB5C350C0}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{2B10FDED-BD89-47FD-BC18-74818DF0A340}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{F801E9CD-F2A1-4E12-9BF1-F6B484E12068}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{4CC98097-6D71-42EF-B512-CBA898DF2E34}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{441CE17F-55C9-4700-9393-F6C7F7F4A8BF}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EC96003B-156E-4EF8-9169-A6CA13568D4F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C42FA85-5B70-40A0-9CE8-04C544ADD58D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A0716B2C-E999-46B1-87FF-E1DF32B94BDE}] => (Allow) C:\Users\Usuario\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{54A4D1B0-E1CE-4E99-B396-3517CD58BC57}] => (Allow) C:\Users\Usuario\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe No File
FirewallRules: [TCP Query User{EBA267CA-BB1C-4A35-8141-F67F4C81FFE7}F:\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) F:\thq\dawn of war - dark crusade\darkcrusade.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [UDP Query User{48297C4F-3E0D-4480-87C1-3C97C2F2E26C}F:\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) F:\thq\dawn of war - dark crusade\darkcrusade.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{C7C7A8CD-9B50-4701-8F43-74EB2C12AA90}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{A7E98B5F-C387-4E3A-830A-C32D7DF10085}C:\users\usuario\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\usuario\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{028FA985-5A8A-4E49-910A-B373AA9302C8}F:\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) F:\thq\dawn of war - dark crusade\darkcrusade.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [UDP Query User{4479C233-A740-4DEF-B84B-F016DEDA8E72}F:\thq\dawn of war - dark crusade\darkcrusade.exe] => (Allow) F:\thq\dawn of war - dark crusade\darkcrusade.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{37D43551-1042-42E1-943A-BC908FA1104D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FC07E5C7-0C18-4E09-87E6-A954038C4AB3}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{E96410D2-DCF4-441B-B0A4-09A998B8BD39}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

08-07-2019 20:11:59 Punto de control programado
20-07-2019 22:15:44 Punto de control programado
28-07-2019 12:22:50 Punto de control programado
02-08-2019 20:23:59 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2019 01:14:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RealPlayerUpdateSvc.exe, versión: 18.1.8.212, marca de tiempo: 0x5932053c
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.799, marca de tiempo: 0x636bcb43
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0009548d
Identificador del proceso con errores: 0xd5c
Hora de inicio de la aplicación con errores: 0x01d549e629dac821
Ruta de acceso de la aplicación con errores: F:\UpdateService\RealPlayerUpdateSvc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 241443e5-9d53-4fa4-8b1e-410289203ce5
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/03/2019 11:59:23 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (08/03/2019 11:59:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (08/03/2019 11:57:23 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (08/02/2019 11:57:22 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (08/02/2019 11:57:22 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (08/01/2019 12:06:19 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad

Error: (08/01/2019 12:06:19 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) No puede encontrar el objeto o propiedad


System errors:
=============
Error: (08/03/2019 05:20:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 04:45:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 04:45:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 03:03:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 02:28:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 01:35:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 01:18:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-808CCCP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-808CCCP\Usuario con SID (S-1-5-21-2880194073-616569380-2500398765-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/03/2019 01:15:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio RealPlayer Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2019-08-01 19:17:30.669
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F3506C15-A076-45B7-8E4C-E607930228CA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-01 18:59:33.478
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {726A70C7-61E6-480F-BDC1-8B1C2C202486}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-01 18:47:49.017
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {81F2BFC7-3C95-4F36-A4BE-C8D6F0D14266}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-08-01 11:28:46.182
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {0C61B4D7-2A4E-4FF1-8246-9880B5C3BD05}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-07-31 18:32:03.454
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {489DEB7F-3789-4812-91B7-6754011729B6}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-02-28 18:58:09.556
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-12-30 13:55:05.202
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-12-30 13:53:19.319
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-12-19 14:43:01.268
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2019-06-27 15:32:27.141
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-27 15:32:27.128
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-27 15:32:26.524
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-27 15:32:26.510
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-11 19:14:53.948
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-11 19:14:53.934
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-11 19:14:53.220
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-11 19:14:53.207
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0601 11/16/2015
Motherboard: ASUSTeK COMPUTER INC. Z170-P
Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Percentage of memory in use: 19%
Total physical RAM: 16307.14 MB
Available physical RAM: 13098.57 MB
Total Virtual: 18739.14 MB
Available Virtual: 15428.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:65.81 GB) NTFS
Drive f: () (Fixed) (Total:931.39 GB) (Free:240.75 GB) NTFS

\\?\Volume{2b8b9b3e-eea9-4c90-9ee6-6c08b496106e}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{4717b2dd-b333-470a-9082-baf0900153ea}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Usuario\Desktop\Document:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Usuario\Desktop\EOI:com.dropbox.attributes [168]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1112EC4B-D245-4810-980D-EFC5E6BA4312} - System32\Tasks\Norton Security Scan => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exe [486480 2017-12-26] (Symantec Corporation -> Symantec Corporation)
Task: {BB9CFA40-833E-41DD-A7BE-DE62046B243D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\PTK-Scheduler-Norton Security Scan.job => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exeÆaction=run fmui C:\Program Files\Norton Security Scan\Branding\Config.dll
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.es/search?q={searchTerms}
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S0 D22DF066; system32\drivers\D22DF066.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

1 me gusta

Disculpa el inciso, pero al intentar hacer la copia del registro me sale el siguiente mensaje:

¿Sigo igualmente?

Has ejecutado DELFIX pulsando en botón derecho y seleccionando -Ejecutar como Administrador-. :thinking:

1 me gusta

Sí, así lo he hecho.

Dime que ocurre SI le das a ACEPTAR/SI, si sigue el proceso o te salen mas mensajes de error.??

1 me gusta

Le he dado una vez a ACEPTAR/SÍ y ha salido otro mensaje idéntico al primero, pero con un número distinto. Le he vuelto a dar a ACEPTAR/SÍ y el mensaje ahora es ligeramente distinto:

Ver Imagen: http://s2.subirimagenes.com/otros/previo/thump_9905086error-al-copiar-regi.jpg

Hola.

Sigue aceptando los mensajes de error que te vayan apareciendo y continúa con los pasos Indicados.:+1:

1 me gusta

Hecho :+1: . Muchas gracias.

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-08-2019
Ran by Usuario (04-08-2019 13:08:15) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> [CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Usuario\Desktop\Document:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Usuario\Desktop\EOI:com.dropbox.attributes [168]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1112EC4B-D245-4810-980D-EFC5E6BA4312} - System32\Tasks\Norton Security Scan => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exe [486480 2017-12-26] (Symantec Corporation -> Symantec Corporation)
Task: {BB9CFA40-833E-41DD-A7BE-DE62046B243D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\PTK-Scheduler-Norton Security Scan.job => C:\Program Files\Norton Security Scan\Engine32\4.7.0.181\NSS.exe�action=run fmui C:\Program Files\Norton Security Scan\Branding\Config.dll
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2880194073-616569380-2500398765-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.es/search?q={searchTerms}
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S0 D22DF066; system32\drivers\D22DF066.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\[CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\[CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\[CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\[CC]{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\[CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Users\Usuario\Desktop\Document => ":com.dropbox.attributes" ADS removed successfully
C:\Users\Usuario\Desktop\EOI => ":com.dropbox.attributes" ADS could not remove.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1112EC4B-D245-4810-980D-EFC5E6BA4312}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1112EC4B-D245-4810-980D-EFC5E6BA4312}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Security Scan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Scan" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB9CFA40-833E-41DD-A7BE-DE62046B243D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB9CFA40-833E-41DD-A7BE-DE62046B243D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\Tasks\PTK-Scheduler-Norton Security Scan.job => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} => removed successfully
HKLM\Software\Classes\CLSID\{85A60A59-D3D8-468F-B598-FB4393789EF4} => not found
HKLM\System\CurrentControlSet\Services\PSKMAD => removed successfully
PSKMAD => service removed successfully
HKLM\System\CurrentControlSet\Services\D22DF066 => removed successfully
D22DF066 => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2880194073-616569380-2500398765-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::985a:784:4f76:34bf%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.14
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 615260859 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 323480 B
Edge => 1769995 B
Chrome => 380753486 B
Firefox => 86689896 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27272 B
LocalService => 0 B
NetworkService => 128234 B
NetworkService => 0 B
Usuario => 120273170 B

RecycleBin => 490211486 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:09:12 ====

Hola.

Perfecto y ahora comentanos como sigue el problema que nos planteaste inicialmente… :thinking:

Saludos.

1 me gusta