Ayuda posible malwere AutoIt Error

Buenas, desde hace un tiempo me sale al iniciar el ordenador (tengo windows 7) un mensaje que dice:

AutoIt Error Line 0 (Flile “C:/ProgramData/Intel/Wireless/0066edc/e79f2b6.au3”): Error: Error opening the file.

No le había dado mucha importancia porque el Avast no lo detectaba como malwere ni virus pero leyendo por el foro he visto que puede ser dañino. He limpiado también el registro con CCleaner, pero sigue ahí.

Agradecería si pudieran ayudarme. Paula

Hola, buenas @pau.ele bienvenida al foro.

Puede ser malware, sí…

¿Desde cuánto tiempo hace? ¿Relacionas la aparición de dicho mensaje con haber descargado algo/instalado algo de dudosa procedencia/reputación?

¿El ordenador va lento?

¿Se abren pestañas solas…?

Es decir… notas algo más anómalo en la máquina aparte del mensaje que dices… :thinking: :thinking:

Salu2.

Hola, gracias por responder!

Hace un par de meses ya que me pasa, y en principio no lo relaciono con la instalación de ningún programa nuevo. Aunque si que me va un poco lento, el portátil tiene unos cuantos años así que no se si va mucho más lento de lo normal.

Pero a parte del mensaje al iniciar el ordenador ni se abren pestañas solas ni nada más fuera de lo normal.

De nada @pau.ele

OK.

OK :+1:

Pues empezaremos con esto:

:one: EN BUSCA / ELIMINACIÓN DE MALWARE

(Mantén conectados todos tus dispositivos externos que tengas como: USBs, discos duros externos, etc).

Por favor, descarga todo el software de los enlaces que pongo/de sus respectivos manuales.

Ahora ejecutarás una serie de herramientas respetando el orden los pasos con todos los programas cerrados incluidos los navegadores.

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas y discos duros externos si también tienes.

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

0) Descarga Ccleaner Aquí te dejo su manual: Manual de CCleaner , para que sepas como usarlo y configurarlo correctamente.

Lo instalas y lo ejecutas. En la pestaña Limpieza personalizada dejas la configuración predeterminada. Haces clic en Analizar y esperas a que termine. Seguidamente haz clic en Ejecutar Limpiador. Clic en la pestaña Registro > clic en Buscar Problemas esperas que termine. Finalmente clic en Reparar Seleccionadas y realizas una Copia de Seguridad del registro de Windows.

1) Descarga, instala, actualiza y ejecuta Malwarebytes’ Anti-Malware. Aquí te dejo su manual: Manual de Malwarebytes, para que sepas como usarlo y configurarlo correctamente.

  • Realizas un Análisis Personalizado, marcando Todas las casillas de la Derecha y de la Izquierda, actualizando si te lo pide. Es decir: conectas todos tus dispositivos externos (todos los discos duros externos que tengas, así como todas las USB que tengas, incluida la que me has dicho anteriormente y marcas todas las unidades de disco disponibles y las siguientes casillas:

1. Analizar objetos en memoria

2. Analizar configuracion de inicio y registro

3. Analizar dentro de los archivos

  • Pulsar en “Eliminar Seleccionados” para enviar las infecciones a la cuarentena y Reinicias el ordenador.
  • Para acceder posteriormente al informe del análisis te diriges a: Informes >> Registro de análisis >> pulsas en Exportar >> Copiar al Portapapeles y pones el informe en tu próxima respuesta.

2) Descarga Adwcleaner en el escritorio.

  • Desactiva tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7/8 u 10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
  • Pulsar en el botón Analizar Ahora, y espera a que se termine el análisis. Inmediatamente pulsa sobre el botón Iniciar Reparación.
  • Espera a que termine y sigue las instrucciones que te aparezcan. Si te pidiera Reiniciar, pues reinicias el ordenador pulsando en Aceptar.
  • Si no encuentra nada, pulsa en Omitir Reparación.
  • El log lo encontrarás en la pestaña Informes, volviendo a abrir el programa, si es necesario o en la siguiente ubicación: C:\AdwCleaner\Logs\AdwCleaner[C0].txt.
  • Para más información aquí te dejo su manual: Manual de Adwcleaner.
  • Activa de nuevo tu antivirus y cualquier programa de seguridad que tengas activado.

3) Utiliza nuevamente CCleaner tal como te dije en el punto 0.

Pegas los reportes de Malwarebytes y AdwCleaner y comentas como va el problema inicial planteado por el cual abriste este tema. También responde a las preguntas que te haya realizado a lo largo de este Post, siempre que te haya hecho alguna, si no, no

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

1 me gusta

Perfecto, he seguido los pasos. Al reiniciar el ordenador después del analisis con Malwarebytes ya no me ha salido el mensaje de AutoIt. Adjunto los informes.

De AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-30-2021
# Duration: 00:00:24
# OS:       Windows 7 Home Premium
# Cleaned:  149
# Failed:   0


***** [ Services ] *****

Deleted       WtuSystemSupport

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted       C:\Program Files (x86)\avg web tuneup
Deleted       C:\Program Files\Common Files\AVG Secure Search
Deleted       C:\ProgramData\AVG Secure Search
Deleted       C:\ProgramData\AVG Security Toolbar
Deleted       C:\ProgramData\AVG_UPDATE_0915TB
Deleted       C:\ProgramData\Ask
Deleted       C:\ProgramData\avg web tuneup
Deleted       C:\Users\Alex\AppData\Local\avg web tuneup
Deleted       C:\Users\Paula\AppData\Local\avg web tuneup

***** [ Files ] *****

Deleted       C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\mbbmc3ii.default\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\0915TBUPDATEINFO
Deleted       C:\Windows\Tasks\0915TBUPDATEINFO.JOB

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted       HKCU\Software\Softonic
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5660A9D7-CC82-4016-BA85-EFBB4AC8BFF0}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5660A9D7-CC82-4016-BA85-EFBB4AC8BFF0}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0915TBUPDATEINFO
Deleted       HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted       HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Deleted       HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Deleted       HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Deleted       HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Deleted       HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Deleted       HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Deleted       HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Deleted       HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Deleted       HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Deleted       HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Deleted       HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Deleted       HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Deleted       HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Deleted       HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Deleted       HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Deleted       HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Deleted       HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Deleted       HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Deleted       HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Deleted       HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Deleted       HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Deleted       HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Deleted       HKLM\Software\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted       HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Deleted       HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted       HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Deleted       HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Deleted       HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Deleted       HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Deleted       HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Deleted       HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted       HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Deleted       HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Deleted       HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Deleted       HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Deleted       HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Deleted       HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Deleted       HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Deleted       HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Deleted       HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Deleted       HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Deleted       HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Deleted       HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Deleted       HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Deleted       HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Deleted       HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted       HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted       HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Deleted       HKLM\Software\Classes\WtuServer.WtuServerObj
Deleted       HKLM\Software\Classes\WtuServer.WtuServerObj.1
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted       HKLM\Software\Wow6432Node\AVG Tuneup
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Deleted       HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted       AVG Web TuneUp - [email protected]

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [22593 octets] - [30/04/2021 00:37:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Y de Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 29/4/21
Hora del análisis: 20:52
Archivo de registro: fd201232-a91b-11eb-afc1-c86000109572.json

-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1273
Versión del paquete de actualización: 1.0.39951
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Portátil2\Paula

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 586550
Amenazas detectadas: 88
Amenazas en cuarentena: 88
Tiempo transcurrido: 3 hr, 4 min, 35 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 12
PUP.Optional.1ClickDownload, HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\SOFTWARE\1ClickDownload, En cuarentena, 2023, 235164, 1.0.39951, , ame, , , 
PUP.Optional.Tuto4PC, HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\SOFTWARE\Tutorials, En cuarentena, 888, 315308, 1.0.39951, , ame, , , 
PUP.Optional.Tuto4PC, HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\SOFTWARE\TutoTag, En cuarentena, 888, 244265, 1.0.39951, , ame, , , 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\Tutorials, En cuarentena, 888, 315599, 1.0.39951, , ame, , , 
PUP.Optional.SearchTheWeb, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchTheWebARP, En cuarentena, 6967, 469008, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, En cuarentena, 83, 168092, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}, En cuarentena, 83, 169753, , , , , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}, En cuarentena, 83, 169753, 1.0.39951, , ame, , , 
Adware.1ClickDownload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 665, 169917, , , , , , 
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 665, 169917, , , , , , 
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 665, 169917, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, En cuarentena, 83, 168097, 1.0.39951, , ame, , , 

Valor del registro: 5
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}, En cuarentena, 83, 538246, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, En cuarentena, 83, 538247, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}, En cuarentena, 83, 538246, 1.0.39951, , ame, , , 
PUP.Optional.Iminent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, En cuarentena, 83, 538247, 1.0.39951, , ame, , , 
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8DAC168A, En cuarentena, 5637, 783345, 1.0.39951, , ame, , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 5
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6, En cuarentena, 5637, 781623, , , , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\0066EDC, En cuarentena, 5637, 781623, 1.0.39951, , ame, , , 
Adware.EoRezo, C:\Users\Paula\AppData\Local\eorezo\eorezo\1.10, En cuarentena, 1222, 172800, , , , , , 
Adware.EoRezo, C:\Users\Paula\AppData\Local\eorezo\eorezo, En cuarentena, 1222, 172800, , , , , , 
Adware.EoRezo, C:\Users\Paula\AppData\Local\eorezo, En cuarentena, 1222, 172800, 1.0.39951, , ame, , , 

Archivo: 66
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\0066EDC\CACIJBF.EXE, En cuarentena, 5637, 783345, , , , , 3F58A517F1F4796225137E7659AD2ADB, 1DA298CAB4D537B0B7B5DABF09BFF6A212B9E45731E0CC772F99026005FB9E48
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\01-06-2020.log, En cuarentena, 5637, 781623, , , , , 4E55765BAD55984354DED8C9253E8FE8, E8E7F5D4021158F0448008473B09D355A2D141A360DA8155BA8F4030765882EA
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\02-05-2020.log, En cuarentena, 5637, 781623, , , , , 195161C013F0680FD7B45899C4B27A00, 1B75E3292E3845CFE1E31BCEC202BAE26AE1A6C321405DEDBF5C7071582C268C
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\02-06-2020.log, En cuarentena, 5637, 781623, , , , , 32D5B8020D1E42D9295E54E5CE3BE742, B7B21F80653CD6A7164F89F876C85E1B3574BAC61851971ACBE0E76399FECDED
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\03-05-2020.log, En cuarentena, 5637, 781623, , , , , 2C34E16DB98F032214F1BD4A2ECA2419, C97E287324E9339F667B01F1E1541C1B193653C2E574DF34DAB629BB2ECAC138
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\03-06-2020.log, En cuarentena, 5637, 781623, , , , , 2C736F6154B9839B8CA66937D4E1E51A, 641001F24BB4A734F1C98E38F4C81EA0BB3D9A708135AC42A1181F418C0DE8BB
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\04-06-2020.log, En cuarentena, 5637, 781623, , , , , 707F3299A0FA2FB81F6C4E481DED167E, D8CF87C46D6D5394ED24054354BB67C9EE447E35944FBE5E7F9510FB9840C20B
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\05-05-2020.log, En cuarentena, 5637, 781623, , , , , E557D01FE1503CBB11700C346A4B4BAB, 7DD23493FFBCE3EC85D689E559E04757D9129A66B4A98AABB26ED80E82671E16
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\05-06-2020.log, En cuarentena, 5637, 781623, , , , , 89CB679C2D949F3BCC84A8247E7BFC6D, 96F5E86BA803C02E84DF1E5FBEBE646F524C8FD01082CEE329A85399741397AC
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\07-04-2020.log, En cuarentena, 5637, 781623, , , , , A69039FB10A42704B76870CDD62D0E6F, 1DB13FD169FD976AA1CA9C5A6DF69461C8BD1C292CEFA4147943EE1C16012299
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\07-06-2020.log, En cuarentena, 5637, 781623, , , , , A0E2CDC3FD65E6BBC8B3BB5AB5012B72, BF62E0A6CB5E5E3F3FCDA13CCDCA29B888823A022C07C4D58B5B7C4D883D5769
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\08-04-2020.log, En cuarentena, 5637, 781623, , , , , 28363D77F798E6BBCAF48E6871EF777B, 5B7F1E7D99DCC7634CAAD35A3876CE01A8E9DEB357E468B70E1845095D7523BC
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\08-05-2020.log, En cuarentena, 5637, 781623, , , , , 65911DEFD22CF0FDB52D46AF2CE9B0F2, F2F4355D6ADF730235A13DA217F8293E69086670EA7928724B9FDB39155031E2
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\08-06-2020.log, En cuarentena, 5637, 781623, , , , , F06EA61292D2BFA46E8559807720E6B1, 8B3A793F5AF7B57EE2E7AB8B7CE02E1C97460A40620C9A445B28DD8AF9BB6C35
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\09-04-2020.log, En cuarentena, 5637, 781623, , , , , 6B628779FB8FB726CD1BB9F0EFA4D38B, B93DAC1882F809F027DDFCA2949E7C416A6B73926B1679163F6AE2271D887B22
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\09-06-2020.log, En cuarentena, 5637, 781623, , , , , FD4EF8CD0FA7A04E81202F6757DF2FE9, D5FEFB95BB7E02C5D3F1BB6D4783C0411EC58187551A03B23D95F989A9C9290E
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\10-04-2020.log, En cuarentena, 5637, 781623, , , , , 51E4086FC1485047FFB8B7109EB8155C, E1B10F7298ED5B906D7625F94AF5F58E9DB4678F4EA2C414A9578EFE0E463D8C
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\10-05-2020.log, En cuarentena, 5637, 781623, , , , , EF7C37DC67134285EB10546963B8E782, A865EB641377F80B8505EEE6F534C3E6B9074B345787A58A85A1404F2E084104
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\10-06-2020.log, En cuarentena, 5637, 781623, , , , , 6A03C206BCAC90B6B00F8E993F7A7806, ADCFE725F6C1BB1AB21C81E9527E0CEA31E3635C8E6177CBA0E01AF80A030A14
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\11-04-2020.log, En cuarentena, 5637, 781623, , , , , C2C5153C71FA4B148042778104C16A19, 8BBF0C5F9DCA8B7C6F6D34770A2BE5A2738427A9091E3A8A37B092D4E47A2CB1
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\11-05-2020.log, En cuarentena, 5637, 781623, , , , , A4133D97B9E8C4FAA67D554EF225D58E, 461EF6893B5DD5F65F779DCFB16BF40509D56723A0EB74D39294441CE542FBF6
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\11-06-2020.log, En cuarentena, 5637, 781623, , , , , 12BED1DE033116ED3926CA3EE8FD13CD, 54B54C2CA55A93F73190240116E38BF99F51F17E5E9E1866D657F840BD4DC26C
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\12-06-2020.log, En cuarentena, 5637, 781623, , , , , 7882D4458B89FF8EDAB9C56C3B947616, 84A60ED0AFD76A4F2B944FFB129F8E901A96D7D91FAF7B2B5EE1E40B378B922F
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\13-04-2020.log, En cuarentena, 5637, 781623, , , , , 88270C96A2AD79DAF83C0438767567F8, 92597CE9278F82F7FF0FA1AB04A053542CDCFCC289520B03B7BE6A5311832A51
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\13-05-2020.log, En cuarentena, 5637, 781623, , , , , 8CDAB512A7153DAC7989084A9BB31E7E, CBC34C101E326D2048DB07DEEABF5B1118267A19063562CA1C67C09107BB9C04
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\14-05-2020.log, En cuarentena, 5637, 781623, , , , , 99E67F449F7F7BE41AA90FD417A28EFC, E933D11AEF346A208D8BCF97EB832CF08149C3BDE869E1DB37721D9768E07794
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\14-06-2020.log, En cuarentena, 5637, 781623, , , , , DA6DE3161CA94D28CDB9B9E04FC7B4A7, 8F088D1FC7BC87B732C711EB639EF756B0E567194E8DAE3E06C9954A425B937F
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\15-04-2020.log, En cuarentena, 5637, 781623, , , , , BF4692605B8072E502C10E8236354194, 027D5A62EF660D5E05832AD0BA29EF69A82A73A9A8159DCEB43EC1F203CCB341
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\15-05-2020.log, En cuarentena, 5637, 781623, , , , , D61E153D57E4FDAAE2618DB0134D3689, 537F357C21D03C7D30A3ED89181FE8FEB1A447564C9FCA14FE2A1B194D3D42C5
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\15fe321, En cuarentena, 5637, 781623, , , , , 1D2DF9C3FD709ABA6CB9093A075DCEFC, 9B38360320F35D5E7A2C20F2EFA1A4C4C26F4061DCA4B5C2F015BE7E678668D3
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\16-04-2020.log, En cuarentena, 5637, 781623, , , , , AC09A05C83B034E6681E610E8DCEF04F, 9BA1FD094F4BDF018F6D6C37212AB5B35327D63032CC4BFC128BBB364874C6C2
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\16-05-2020.log, En cuarentena, 5637, 781623, , , , , BFB9A56C75355A82B9261B10F0154413, 354329099DA7F0EAFCC3846449FD8692AED8050669607823958E90662AB1B498
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\16-06-2020.log, En cuarentena, 5637, 781623, , , , , CEE647BCD65B7978D2B08764C60358C0, 05B5FDFA035255C1A71831628ACE72FAE5555A1CF2230DBAC92F59ED29FB2E8D
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\17-04-2020.log, En cuarentena, 5637, 781623, , , , , 6E2145FF5404514DC4CED88E688E460A, F344F97F2B35EE922E4D9C2BB99C93D9BE7172FF34ADBB56749B100D61657F80
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\17-05-2020.log, En cuarentena, 5637, 781623, , , , , A651B4BDA5F69C54B8A898984FA68A83, FFA9BB9237C666AB0C2B4E2A1E19EF469A7CD8032F606307436718904AA7C069
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\17-06-2020.log, En cuarentena, 5637, 781623, , , , , B55E279ADFA86DFF4DCDCB9C1B63A905, 927C4E2F73607FA78E919C9705CDF1AEFA90DB2C4132B25D4D47B899212B909A
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\18-04-2020.log, En cuarentena, 5637, 781623, , , , , 40C8F41B9FA8F2590BF998C89179A202, B845AF2C883B4C62FECD657E166DBB57DA4B1C328B76F1DC33D3A5F51377D065
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\18-05-2020.log, En cuarentena, 5637, 781623, , , , , 0F4BE69C7168E41791FD327B0ED561BD, 694DB47B50F6013D064150FFEEAC8BAD307AE64D2ED8FA365490A541F7FC5EC1
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\19-04-2020.log, En cuarentena, 5637, 781623, , , , , FA0DD1D3F9F5720CF1A395E9D979F6C8, B931175E11C45FCE9880A64A51468A4CBB40C1066BB44146AF4020E64480C20B
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\19-05-2020.log, En cuarentena, 5637, 781623, , , , , 52C36350C432977EE5D3643B79B6CFE6, AC8C29C287880FA4E9D2DBF65268E0DE1C15C3A5E64B60E5DE2F3A722FBA04AF
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\19-06-2020.log, En cuarentena, 5637, 781623, , , , , D4D1EB31D61FA2BF6CC1FDEFB6AC33CF, 817023D21F985AAC85C7D113478C5147A8495D870F381193F8AFE6764B359651
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\20-04-2020.log, En cuarentena, 5637, 781623, , , , , 56387386D35E5DDE1287C4A880E192E5, 7A9B0A007339FA84D8BBEB353B0026FE94867784486BE97AE965E8A6A9F6C36B
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\20-05-2020.log, En cuarentena, 5637, 781623, , , , , CA290A6CF46F7CFB1ECECF6D17EE35B5, C3493DDB4FE7FF0AF36D02B754A2759F6F86FE5BC7E6B93E8A4CF6AEB408855B
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\21-04-2020.log, En cuarentena, 5637, 781623, , , , , F5D241085A0964072504BC937956C510, 3304D1FDECFDFE4063A838E7644807593EC44B3623251BB6C80E7371922D3CD8
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\21-05-2020.log, En cuarentena, 5637, 781623, , , , , 425FCA231864FBCEA364AC57B5E2337B, 4EA7F05A879529B79D1675D6CF9F482736AA002C8FCC9BEB797FF8477EDBEC72
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\22-05-2020.log, En cuarentena, 5637, 781623, , , , , C95D72EB093DDA433BE3F5BAED6076DF, 6D9E2C6B0CD8C38A6123CEAE491E05B7058B6C9CBDA2A8C625EA696CF0D71AB4
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\24-04-2020.log, En cuarentena, 5637, 781623, , , , , 05BE6ACFB4EDDEFFFF3EEB6762497D78, 7B2BDD4CD13F9991A39749CE55928F269C3F885C50373130B17C22BCBCCA7748
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\24-05-2020.log, En cuarentena, 5637, 781623, , , , , 9D2F2ED2D0BE47B3C587F21CCE2EFCFD, 4A840166E210294669E10134B53AB71A0D9CC4A76653773B9561EF11DBA03927
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\25-05-2020.log, En cuarentena, 5637, 781623, , , , , 28D84228BF30F726B03070C87D5CA228, DCA3ED520A30332214FF116809CBCEC44DE6AE509ED17ECC371541943EB93685
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\26-04-2020.log, En cuarentena, 5637, 781623, , , , , D415859C5192E32A09AB76F5092F7010, 4C4FB999AB1222E671C9167B5994AAF15D0AD354A7B37ECD3F109D00EEA57061
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\26-05-2020.log, En cuarentena, 5637, 781623, , , , , E0E9F38A887B5EDE5A19ACCF257DBCA9, 9F6CA93AC58A8D8B831C0DB10F93C0CB28679787FDA9C5E5F9EBBB1887B404CB
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\27-04-2020.log, En cuarentena, 5637, 781623, , , , , 8D1AE2119EBD95A347F9E6169BB4C07B, F352AF7F7F18E329E5CF48FB6F35775A86FF89BC055734F16FC08064D7382F60
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\27-05-2020.log, En cuarentena, 5637, 781623, , , , , B1212C1C66D4FF9DA88C705F962B1F01, CB355830C2827C5E75CF93B8AA6E0B7E7D89D7784F3DFF94F808FFA4427B7BFD
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\28-04-2020.log, En cuarentena, 5637, 781623, , , , , 2D2848A68CDCE57C4286F6ADF783F490, E384AADB995185FC22C1F5CE4048A71A6E90D05A43D6B7DD8753E318BF52B476
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\28-05-2020.log, En cuarentena, 5637, 781623, , , , , 8BDB0931A84AB60BC7D350E1B9E8F90F, 4F706CF6697BA362CA49901D97FBE9CF7E23D58B35E74C166792EAA982895EE1
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\29-05-2020.log, En cuarentena, 5637, 781623, , , , , 40719C11B46D9E33D6BFB237AD51AA54, 1130DBF858AB424B7D9B1C292481E800E189F2E344A62588F4181C229C4E7900
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\30-04-2020.log, En cuarentena, 5637, 781623, , , , , DB9E4484228DBEB19CDCCED5B3F5DFE0, 53DFD3B1A335D44A59A6EA5679CA053C1109F2031E2B64D4E661B6D7038280F5
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\30-05-2020.log, En cuarentena, 5637, 781623, , , , , 3EB6C6EABDC757EE290F827D826CB986, 2C5094AAF335755C23CFEB9094BEBC70807AEB83364411352B4118999CAF9430
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\db0549e, En cuarentena, 5637, 781623, , , , , D3E183ECC1437822C1DDB961AD6E731C, 50957FC06EC94156F953806A91C2E3ECF7E88AA8A219821143A54D25FDBE1FA6
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\pe.bin, En cuarentena, 5637, 781623, , , , , E58392195B2B912CA1365CB94DCE3E65, 743B6E8ADB86062FC6645305EBFA07D465497E36883AC3348DF57407BF409047
Adware.EoRezo, C:\Users\Paula\AppData\Local\eorezo\eorezo\1.10\eorezo.cyl, En cuarentena, 1222, 172800, , , , , 77C5123950A35BCBFDAE74CD7DAA2ABC, 9B056FACB329058C8FF1F3C5470303D71C789F5419540673DD508DCEAA13D97B
PUP.Optional.BundleInstaller, C:\USERS\PAULA\APPDATA\ROAMING\UTORRENT\UTORRENT.EXE, En cuarentena, 526, 816339, 1.0.39951, , ame, , 8D706AEF2C363C9EF5AC01AAFA876746, 539647A8DEAC1C0B7BD03865CCCA0A33973835601C60BE95CB2376A988255888
PUP.Optional.BundleInstaller, C:\USERS\PAULA\DESKTOP\UTORRENT.EXE, En cuarentena, 526, 816339, 1.0.39951, , ame, , 8D706AEF2C363C9EF5AC01AAFA876746, 539647A8DEAC1C0B7BD03865CCCA0A33973835601C60BE95CB2376A988255888
PUP.Optional.BundleInstaller, C:\USERS\PAULA\APPDATA\ROAMING\UTORRENT\UPDATES\3.3.1_29963.EXE, En cuarentena, 526, 816339, 1.0.39951, , ame, , 8D706AEF2C363C9EF5AC01AAFA876746, 539647A8DEAC1C0B7BD03865CCCA0A33973835601C60BE95CB2376A988255888
PUP.Optional.BundleInstaller, D:\PROGRAMAS\UTORRENT.EXE, En cuarentena, 526, 816339, 1.0.39951, , ame, , 35238D8E052C7CFDDE63E6C11CE852FA, 6453D431431EC8CCB8B859E079062750A7F50F0B6F4266EBBED97A36F45013A1
PUP.Optional.Softonic, D:\PROGRAMAS\SOFTONICDOWNLOADER_PARA_DERIVE.EXE, En cuarentena, 2012, 598989, 1.0.39951, , ame, , 9ACF1798DC1944A9FCB7FE6CC8504948, 49012F4BA449D7415674DCA49D1697DC044C57D4FF2C8DAC365607B5C247BF91

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Muchas gracias por la ayuda! Algo más que deba hacer? La verdad es que estoy un poco sorprendida con los resultados, pensaba que teniendo avast premium tendría el ordenador más protegido.

Hola, buenas @pau.ele

:+1: vamos por el buen camino, pero como ya te dije:

Efectivamente como ya dije lo del AutoIt Error Line 0 esta causado por Malware claramente como puedes ver:

Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|8DAC168A, En cuarentena, 5637, 783345, 1.0.39951, , ame, , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6, En cuarentena, 5637, 781623, , , , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\0066EDC, En cuarentena, 5637, 781623, 1.0.39951, , ame, , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\0066EDC\CACIJBF.EXE, En cuarentena, 5637, 783345, , , , , 3F58A517F1F4796225137E7659AD2ADB, 1DA298CAB4D537B0B7B5DABF09BFF6A212B9E45731E0CC772F99026005FB9E48
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\01-06-2020.log, En cuarentena, 5637, 781623, , , , , 4E55765BAD55984354DED8C9253E8FE8, E8E7F5D4021158F0448008473B09D355A2D141A360DA8155BA8F4030765882EA
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\0066edc\80850b6\02-05-2020.log, En cuarentena, 5637, 781623, , , , , 195161C013F0680FD7B45899C4B27A00, 1B75E3292E3845CFE1E31BCEC202BAE26AE1A6C321405DEDBF5C7071582C268C
............ETC.....................................................

Todas las entradas/detecciones de Malwarebytes que empiezan del anterior listado por Trojan.Agent.AutoIt.Generic hacen referencia al Malware de Malware de Auto It.

Respecto el AdwCleaner >> ha hecho lo que debía hacer.

Respecto el Malwarebytes >> ha hecho lo que debía hacer.

De nada. Pues la verdad es que tienes un buen Zoológico de malware, pero cosas peores he visto, la verdad. Por el tipo de malware que se ha detectado es muy probable que aún tengas malware activo en tu equipo o que bien queden residuos de estos diferentes tipos de malware que han sido detectados.

Bueno un Antivirus no es siempre una garantía… después cuando ya hayamos desinfectado la máquina, abordaremos este tema del AntiVirus y una serie de buenas praxis.

:one: EN BUSCA / ELIMINACIÓN DE MALWARE

Realiza los pasos que te pongo a continuación, sin cambiar el orden y síguelos al pie de la letra:

Conectas todos tus dispositivos externos (todos los discos duros externos que tengas, USB, etc).

0) Descarga Eset Online Scaner Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y realizas un Análisis Personalizado tal y como se indica en su manual. Me traes su reporte.

1) Descarga Kasperky Virus Removal Tool Manual de Uso y realizas un análisis del PC, lee detalladamente las instrucciones y lo realizas tal y como se indica en su manual. En este caso no da reporte alguno, cuando finalice, presionas en la pestaña Report tal y como se indica en su manual y haces una captura de pantalla y la subes.

¿Como subir imágenes al Foro?

:two: PRÓXIMA RESPUESTA

Pegas los reportes de Eset Online Scaner y Kasperky Virus Removal Tool (captura) y comentas como va el PC.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Ya he hecho los siguientes pasos, si que parece que va más rápido ahora sobre todo al iniciar. Adjunto los informes, de Eset:

03/05/2021 0:10:07
Archivos analizados: 366874
Archivos detectados: 8
Archivos desinfectados: 8
Tiempo total de análisis 04:13:45
Estado del análisis: Finalizado


C:\Program Files (x86)\DAEMON Tools Pro\ArchiveS\DTCommonRes.dll	una variante de Win32/HackTool.Crack.DM Troyano	eliminado
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000ba	HTML/ScrInject.B Troyano	eliminado
C:\Users\Paula\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación
D:\PROGRAMAS\Adobe.Acrobat.Pro.DC.2019\Adobe.Acrobat.Pro.DC.2019\Crack.exe	Win32/HackTool.Crack.FE aplicación potencialmente no segura	desinfectado por eliminación
D:\PROGRAMAS\avast_free_antivirus_setup.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	eliminado
D:\PROGRAMAS\ccsetup317.exe	Win32/Bundled.Toolbar.Google.E aplicación potencialmente no segura	desinfectado por eliminación
D:\PROGRAMAS\ccsetup526.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	desinfectado por eliminación
D:\PROGRAMAS\DJ2540_188.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	desinfectado por eliminación

Y la captura de Kasperky, aunque en esta no ha detectado nada. KVRT

Hola, buenas @pau.ele

:+1: vamos por buen camino, pero aún no hemos finalizado.

Respecto al ESET >> :+1: ha hecho lo que debía hacer.

Respecto al Kasperky >> :+1: esta directamente límpio.

He visto en los informes que en alguna de tus unidades tenías algún CRACK.

Básicamente los KEYGENS, CRACKS y etc… Nunca descargues cosas de estas en tu máquina principal o de uso diario, ya que después te traes sorpresas y pasa lo que pasa…

Nunca jamás de los jamases descargues software o sistemas operativos de tipo comercial/de pago pirateado/crackeado para ahorrar dinero. Pues la gran mayoría de este software de pago crackeado y de forma gratuita trae como regalo fabulosos y maravillosos malwares.

En otras palabras es como si jugases a la ruleta rusa puede que la jugada te salga bien, pero en la gran mayoría de los casos infectarás tu máquina y tendrás muchos problemas varios de infecciones, malware variopinto, lentitud… (como te ha sucedido/esta sucediendo). Incluso muchas veces vete a saber quién puede llegar a acceder a tu máquina y hasta que punto pueden verse comprometidos tus datos y toda tu vida digital (TODO DEPENDE DE LO QUE Tú VALORES TU VIDA DIGITAL y tus datos y la info que manejas)…

Pueden llegar a pasar cosas como este caso, por ejemplo: Robo cuenta de Google caixabank y mira sobre todo este POst: Robo cuenta de Google caixabank - nº 4 por JavierHF, pero esos son casos ya más extremos y no tan habituales. Después más tarde, ya te daré algunas recomendaciones.

¿Qué programas/cosas tienes activadas con ACTIVADORES, CRACKS, MEDICINAS y similares en tu sistema?

Salu2.

1 me gusta

Muchas gracias. La verdad es que no tengo ni idea de ningún programa que esté crackeado . Antes compartía el PC con un familiar así que sí es posible que el instalara alguno, pero lo desconozco. Instalado por mi ninguno.

¿Qué más podría hacer al respecto?

De nada @pau.ele

Ok :+1:

OK :+1:. Eso es bueno.

:+1: pues ahora te indico… pues es muy probable que aún queden restos… así que:

0) Descarga, instala y ejecuta ZHP Cleaner siguiendo su manual, lo descargas, instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

:one: RESTABLECER NAVEGADORES

Restablece todos los navegadores que tengas tal y como se indica en esta guía:

OJO, REALIZA SOLO LA PARTE QUE EMPIEZA EN: PUP/Adware en: Internet Explorer y hacia abajo todos los posts que siguen (PUP/Adware en: Mozilla Firefox, PUP/Adware en: Google Chrome) y si tienes algún navegador como Opera o Safari que no salen en la guía, pues haz procedimientos similares y extrapolas de los navegadores que sí que aparecen.

Guía de cómo eliminar Adwares/PUPs

:two: PRÓXIMA RESPUESTA

Me traes el logs de: ZHP Cleaner y respondes a las preguntas que te haya realizado (si no hay, pues no) y comentas como va el PC respecto al problema inicial planteado. ¿Sigue apareciendo el mensaje inicial que comentabas? Este:

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

No, ese mensaje dejó de aparecer después del primer paso con Malwarebytes.

Copio el informe de ZHP Cleaner:


---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (137)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (3)
MOVIDO carpeta: C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVIDO archivo: C:\Program Files (x86)\Visible Body - Cracked by m!DVT  =>.SUP.CrackSetup
MOVIDO archivo: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime

---\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados. (Register)

---\  Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.CrackSetup
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime

---\ Limpieza adicional. (2)
~ Clave de registro Tracing borrados (2)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 2028
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/17

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas

~ End of clean in 00h00mn21s

---\  Reporte (2)
ZHPCleaner-[S]-07052021-15_05_06.txt
ZHPCleaner-[R]-07052021-15_06_36.txt

También he restablecido los navegadores. Un saludo

Hola @pau.ele

:+1:

Respecto ZHPCleaner >> falta una parte del reporte. Pones de nuevo todo el reporte (pues falta una parte de este).

Y después…

EN BUSCA / ELIMINACIÓN DE MALWARE

:one: Desactivas tu antivirus :arrow_forward: Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

:warning: Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

:two: Farbar Recovery Scan Tool

  1. Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).

  2. Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.

  3. En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.

  4. Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

:three: Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

:four: PRÓXIMA RESPUESTA

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Reporte de FRST:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 09-05-2021
Ejecutado por Paula (administrador) sobre PORTATIL2 (ASUSTeK Computer Inc. K54HR) (10-05-2021 00:36:03)
Ejecutado desde C:\Users\Paula\Desktop
Perfiles cargados: Paula
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Alcor Micro Corp.) [Archivo no firmado] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUS) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK) [Archivo no firmado] C:\Windows\SysWOW64\ACEngSvr.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Paula\AppData\Local\WebEx\ciscowebexstart.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Paula\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nicolas Coolman -> Nicolas Coolman) [Archivo no firmado] C:\Users\Paula\Desktop\ZHPCleaner.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer Networking Ltd. -> Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) [Archivo no firmado]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS) [Archivo no firmado]
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Run: [CiscoMeetingDaemon] => C:\Users\Paula\AppData\Local\WebEx\ciscowebexstart.exe [2841816 2021-04-02] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a4e-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a5b-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a8c-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a98-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1aba-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {38352aa2-302c-11e7-9f9f-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {3de8dd11-f5fc-11e7-ac8b-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {506ff2fc-95ba-11e9-83da-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {573428db-23a7-11e7-86fb-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {89e6f77b-8ad5-11e9-aaf6-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {8b03b66f-83bc-11e4-b8aa-c86000109572} - H:\LGAutoRun.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {e35ed135-88ff-11e8-9394-c86000109572} - F:\HiSuiteDownLoader.exe
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [53656 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2011-01-10] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
IFEO\LOGTRANSPORT2.EXE: [Debugger] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-10-19]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2012-01-20]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe () [Archivo no firmado]
GroupPolicy\User: Restricción ? <==== ATENCIÓN
GroupPolicyUsers\S-1-5-21-3305915279-4216548775-2174266474-1005\User: Restricción <==== ATENCIÓN
Policies: C:\Users\Alex\NTUSER.pol: Restricción <==== ATENCIÓN
Policies: C:\Users\Paula\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {05DF956D-00C6-48D3-96F5-48A37C80B194} - System32\Tasks\{A8EF65AE-4BB2-470A-80B1-099BD54D3A28} => C:\PROGRAM FILES\Encore 4.5.3\Encore 4.5.3.exe
Task: {07078F74-CA74-4A10-86D5-A09B40D0EB99} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {216158C5-3425-44CC-9D58-9017BDA19420} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [82944 2011-05-30] (ASUS) [Archivo no firmado]
Task: {22D00972-DD49-4F89-B51B-975CD1E8AE8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {2C87C2F4-0375-465F-8B6A-D6C0B7B6772A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
Task: {32C02F56-EA93-41A1-8837-9C9C066AF645} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {33BEDAD1-B168-4265-8321-B51ED3FBBFFE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {458FFCED-B203-4D39-A60F-4A945A958141} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {45AC64D9-5A87-48B1-BED5-3B6F65C03662} - System32\Tasks\Norton Family\Norton Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.6.0.31\SymErr.exe
Task: {4C9E3BC0-D2D8-4A1A-B106-5589F666A542} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {525188E6-DA01-490D-83BA-693981E688C3} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {6C062F41-EC3E-4AE7-91FF-4C77A61D1A5C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2138752 2012-11-02] (Microsoft Corporation -> Microsoft)
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AVGUpdateTaskMachineCore" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVGUpdateTaskMachineUA" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{6498E195-9FD1-4FCE-BB66-F149DDE8C9CF}" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70}" /ENABLE
Task: {6C382A52-072A-478D-B270-2022E5CAC94A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {77668B24-CB62-4C46-91B3-994E297A6CC4} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {8B31F360-E921-417B-8D33-B29F3BE05B60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8F3231C0-70FB-405B-A95D-EB5C68B42658} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1547424 2011-09-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {97574361-E74A-49F1-9527-B5CCA65A926C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {B94B74C3-5CE1-40B1-BC6A-29ABCC930842} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {C28D7976-D835-495D-B0F4-0ECF02AF2F80} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-06] (Facebook, Inc. -> Facebook Inc.)
Task: {C764E106-D311-4654-A51E-66FBA1F37BF1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D675A75D-7F25-4A66-9D6A-4842F1FD039F} - System32\Tasks\{3F47884D-C78F-4903-BD56-E151CDB0F30D} => C:\PROGRAM FILES\Encore 4.5.3\Encore 4.5.3.exe
Task: {D69F5D89-E5A0-4318-923B-7DAD1C6F1B12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D73E6F00-64DF-4E1B-8FEA-AEB5F4C7C613} - System32\Tasks\{BA1756F8-0E6E-48AC-8C7B-6635DA528298} => C:\Windows\system32\pcalua.exe -a "C:\Users\Luis\Desktop\Programas de Audio y Música\Encore 4.5\Encore 4.5.3 setup.exe" -d "C:\Users\Luis\Desktop\Programas de Audio y Música\Encore 4.5"
Task: {DA4E7FC5-EECD-49CB-894A-68950384B151} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {DC642149-8B6D-4560-9B82-5CC9F597E9D3} - System32\Tasks\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Electronic Arts\Uninstall.exe"
Task: {E34A57D8-56F3-49FE-9FB3-262AC8E0792E} - System32\Tasks\Norton Family\Norton Error Processor => C:\Program Files (x86)\Norton Family\Engine\3.6.0.31\SymErr.exe
Task: {EB15DE99-55B4-4064-9D11-A26DA1486AC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {F05959AE-4C35-4FA3-A6DD-12CA5A5A7F10} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {F1A99C82-F779-4460-9CF9-85F593C469B1} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [1001088 2011-06-01] (ASUSTeK Computer Inc. -> ASUS)
Task: {F81F554C-FDE7-496F-B854-3777865808CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-06] (Facebook, Inc. -> Facebook Inc.)
Task: {FF4A02C5-AE1A-4021-B5AB-AB388F9C6CDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core.job => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA.job => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6EFA9321-221D-4A20-9C63-038ACB527C22}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C6646913-322C-46F8-8A50-FF8956CE8783}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: mbbmc3ii.default
FF ProfilePath: C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\mbbmc3ii.default [2021-05-09]
FF Extension: (Google Translator for Firefox) - C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\mbbmc3ii.default\Extensions\[email protected] [2019-03-11]
FF HKLM\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFAddon => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFAddon => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-04-05] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2014-01-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2014-01-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Ningún archivo]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-12] (Pando Networks, Inc. -> Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3305915279-4216548775-2174266474-1005: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paula\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-3305915279-4216548775-2174266474-1005: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-12] (Pando Networks, Inc. -> Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Paula\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-01-04]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default [2021-05-10]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.netflix.com
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxps://www.academiamir.com/mir/login.jsp?logout=1"
CHR Extension: (Google Drive) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (uBlock Origin) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-08]
CHR Extension: (Búsqueda de Google) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Calendar) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (hxxps://www.netflix.com/browse) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppojlglocelodeimnohnlnionkobfln [2019-02-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18]
CHR Extension: (Google Keep: notas y listas) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-05-04]
CHR Extension: (Dropbox) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-04-02]
CHR Extension: (hxxp://moodle.urv.net/moodle/) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhkblkgomlhfgpdkejnmepdafabcljac [2014-09-02]
CHR Extension: (Cisco Webex Extension) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-03-26]
CHR Extension: (Webcam Toy) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-27]
CHR Extension: (tviso-extension) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmmeiimpckggkicjmjoldhpifoelbnfl [2017-03-29]
CHR Extension: (Google Maps) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-21]
CHR Extension: (Sin Nombre) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2021-05-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]
CHR Profile: C:\Users\Paula\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - <no Path/update_url>

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1281760 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Archivo no firmado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd. -> Safer Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 982745d5; C:\Windows\System32\Drivers\982745d5.sys [110496 2021-05-03] (AO Kaspersky Lab -> AO Kaspersky Lab)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [212192 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365024 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180448 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522384 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-05-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107792 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850632 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467720 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215352 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326992 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2769920 2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
S3 klupd_982745d5a_arkmon_098C6A3A; C:\KVRT2020_Data\Temp\098C6A3A56693228A09FEAB69A99874F\klupd_982745d5a_arkmon.sys [245752 2021-05-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U3 ADOBEUPDATESERVICE; no ImagePath
U1 aswbdisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-10 00:27 - 2021-05-10 00:30 - 000056012 _____ C:\Users\Paula\Desktop\Addition.txt
2021-05-10 00:24 - 2021-05-10 00:38 - 000042048 _____ C:\Users\Paula\Desktop\FRST.txt
2021-05-10 00:23 - 2021-05-10 00:37 - 000000000 ____D C:\FRST
2021-05-10 00:21 - 2021-05-10 00:22 - 002298880 _____ (Farbar) C:\Users\Paula\Desktop\FRST64.exe
2021-05-07 15:07 - 2021-05-07 15:07 - 000002678 _____ C:\Users\Paula\Desktop\ZPH.txt
2021-05-07 15:07 - 2021-05-07 15:07 - 000000000 ____D C:\Users\Paula\Desktop\ZPH
2021-05-07 14:30 - 2021-05-10 00:13 - 000000000 ____D C:\Users\Paula\AppData\Roaming\ZHP
2021-05-07 14:30 - 2021-05-07 14:30 - 000000000 ____D C:\Users\Paula\AppData\Local\ZHP
2021-05-07 14:28 - 2021-05-07 14:28 - 003327128 _____ (Nicolas Coolman) C:\Users\Paula\Desktop\ZHPCleaner.exe
2021-05-03 00:16 - 2021-05-03 00:16 - 000110496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\982745d5.sys
2021-05-03 00:15 - 2021-05-03 00:16 - 000000000 ____D C:\KVRT2020_Data
2021-05-03 00:10 - 2021-05-03 00:10 - 000002466 _____ C:\Users\Paula\Desktop\eset.txt
2021-05-02 19:38 - 2021-05-02 19:38 - 000000558 _____ C:\Users\Paula\Desktop\ESET Online Scanner.lnk
2021-05-02 19:37 - 2021-05-02 19:37 - 000000000 ____D C:\Users\Paula\AppData\Local\ESET
2021-05-02 19:36 - 2021-05-02 19:37 - 103321912 _____ (AO Kaspersky Lab) C:\Users\Paula\Desktop\KVRT.exe
2021-05-02 19:33 - 2021-05-02 19:33 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Paula\Desktop\esetonlinescanner.exe
2021-04-30 00:36 - 2021-04-30 00:39 - 000000000 ____D C:\AdwCleaner
2021-04-30 00:27 - 2021-04-30 00:27 - 000021508 _____ C:\Users\Paula\Desktop\MalwarebytesInforme.txt
2021-04-29 20:52 - 2021-05-09 13:22 - 000000000 ____D C:\Users\Paula\AppData\LocalLow\IGDump
2021-04-29 20:45 - 2021-04-29 20:45 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-29 20:45 - 2021-04-29 20:45 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-04-29 20:45 - 2021-04-29 20:45 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000001950 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000001950 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000000000 ____D C:\Users\Paula\AppData\Local\mbam
2021-04-29 20:44 - 2021-04-29 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-29 20:44 - 2021-04-29 20:43 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-04-29 20:42 - 2021-04-29 20:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-29 20:39 - 2021-04-29 20:40 - 210366080 _____ (Malwarebytes) C:\Users\Paula\Desktop\mb4-setup-consumer-4.3.0.218-1.0.1273-1.0.39721.exe
2021-04-29 20:25 - 2021-04-29 20:25 - 002078632 _____ (Malwarebytes) C:\Users\Paula\Desktop\MBSetup.exe
2021-04-29 20:24 - 2021-04-29 20:24 - 008534696 _____ (Malwarebytes) C:\Users\Paula\Desktop\adwcleaner_8.2.exe
2021-04-29 20:22 - 2021-04-29 20:22 - 000149218 _____ C:\Users\Paula\Desktop\Eliminar Malwares - ForoSpyware.pdf
2021-04-28 13:34 - 2021-04-28 13:34 - 000169752 _____ C:\Users\Paula\Desktop\Listado de Citas. Consulta.pdf
2021-04-28 13:31 - 2021-04-28 20:47 - 000186812 _____ C:\Users\Paula\Desktop\CITA PREVIA DNI PASAPORTE.pdf
2021-04-25 16:16 - 2021-04-25 16:15 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-04-25 16:16 - 2021-04-25 16:15 - 000215352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-04-20 12:59 - 2021-04-28 20:48 - 000000000 ____D C:\Users\Paula\Desktop\disco
2021-04-19 12:18 - 2021-04-19 12:18 - 000000000 ____D C:\Windows\pss

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-09 13:34 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-09 13:34 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-09 13:17 - 2020-05-21 10:28 - 000004130 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-09 13:17 - 2019-01-09 00:35 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-09 13:17 - 2018-12-12 17:50 - 000003476 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineUA
2021-05-09 13:17 - 2018-12-12 17:50 - 000003348 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineCore
2021-05-09 13:17 - 2018-09-08 10:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-05-09 13:17 - 2017-02-08 18:58 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-09 13:17 - 2014-02-03 15:14 - 000003094 _____ C:\Windows\system32\Tasks\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70}
2021-05-09 13:17 - 2013-09-06 12:40 - 000003916 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA
2021-05-09 13:17 - 2013-09-06 12:40 - 000003548 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core
2021-05-09 13:17 - 2013-09-06 12:40 - 000000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA.job
2021-05-09 13:17 - 2013-09-06 12:40 - 000000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core.job
2021-05-09 13:17 - 2013-04-30 21:30 - 000003984 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{6498E195-9FD1-4FCE-BB66-F149DDE8C9CF}
2021-05-09 13:17 - 2013-01-08 23:09 - 000003120 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-05-09 13:17 - 2013-01-08 23:09 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-05-09 13:17 - 2012-09-17 17:57 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-09 13:17 - 2012-09-17 17:57 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-09 13:17 - 2012-04-15 10:28 - 000003094 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-05-09 13:17 - 2012-01-20 13:44 - 000003162 _____ C:\Windows\system32\Tasks\SidebarExecute
2021-05-09 13:03 - 2020-05-18 11:46 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-09 13:03 - 2012-04-14 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-05-09 13:01 - 2018-01-04 17:00 - 000000000 ____D C:\Users\Paula\AppData\Local\WebEx
2021-05-09 13:01 - 2012-04-12 17:33 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-09 13:01 - 2012-04-11 18:29 - 000000000 ___HD C:\ASUS.DAT
2021-05-09 13:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-07 14:45 - 2016-05-28 16:58 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-04-30 00:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-04-30 00:33 - 2012-01-20 13:45 - 000001988 _____ C:\Windows\system32\ServiceFilter.ini
2021-04-30 00:27 - 2013-02-26 17:14 - 000000000 ____D C:\Users\Paula\AppData\Roaming\uTorrent
2021-04-29 20:26 - 2011-02-19 06:19 - 000759382 _____ C:\Windows\system32\perfh00A.dat
2021-04-29 20:26 - 2011-02-19 06:19 - 000163162 _____ C:\Windows\system32\perfc00A.dat
2021-04-29 20:26 - 2009-07-14 07:13 - 001708978 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-28 13:30 - 2019-09-10 09:41 - 000000000 ____D C:\Users\Paula\.afirma
2021-04-27 13:15 - 2012-09-17 17:57 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-26 21:14 - 2020-06-01 11:44 - 000000000 ____D C:\Users\Paula\AppData\Local\Spotify
2021-04-26 21:12 - 2020-06-01 11:41 - 000000000 ____D C:\Users\Paula\AppData\Roaming\Spotify
2021-04-25 16:20 - 2019-01-09 00:33 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-25 16:15 - 2020-10-14 09:43 - 000180448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000522384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000467720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000326992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000250336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000082872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000041296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000850632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000365024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000212192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-04-25 16:05 - 2012-04-11 18:29 - 000045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2021-04-13 14:48 - 2018-01-04 17:00 - 000000000 ____D C:\Users\Paula\AppData\LocalLow\WebEx

==================== Archivos en la raíz de algunos directorios ========

2019-05-31 20:49 - 2019-05-31 20:49 - 000003725 _____ () C:\Program Files\48588549Z_PAULA_LILLO__1559328497699.p12
2015-07-16 10:18 - 2015-07-16 10:18 - 006420480 _____ () C:\Program Files (x86)\GUT8BE4.tmp
2019-05-15 01:56 - 2019-05-15 01:56 - 006922240 _____ () C:\Program Files (x86)\GUTFDDD.tmp
2020-05-05 18:31 - 2020-05-05 18:31 - 000008704 _____ () C:\Users\Paula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-05-03 04:13
==================== Final de FRST.txt ========================

Reporte Addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 09-05-2021
Ejecutado por Paula (10-05-2021 00:38:53)
Ejecutado desde C:\Users\Paula\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-11 16:28:31)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3305915279-4216548775-2174266474-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3305915279-4216548775-2174266474-1003 - Limited - Enabled)
Invitado (S-1-5-21-3305915279-4216548775-2174266474-501 - Limited - Enabled)
Paula (S-1-5-21-3305915279-4216548775-2174266474-1005 - Administrator - Enabled) => C:\Users\Paula

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
AMD Catalyst Install Manager (HKLM\...\{363A0366-B490-43BF-3478-4E83209389E4}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2500D series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\ActiveTouchMeetingClient) (Version: 41.1.3 - Cisco Webex LLC)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
darktable (HKLM\...\darktable) (Version: 2.4.1 - the darktable project)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Fliqlo Protector de pantalla (HKLM-x32\...\Fliqlo) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 2540 series Software básico del dispositivo (HKLM\...\{2FE8E982-BB5C-4660-81AF-B9DD389A5F58}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{E8FF0A82-0696-4347-B4AE-708DE306FFE9}) (Version: 12.18.34.21 - HP Inc.)
Human Anatomy Atlas 3.0.1 (HKLM-x32\...\Human Anatomy Atlas 3.0.1) (Version:  - )
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0401-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0404-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0419-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0816-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MidiNotate Composer (HKLM-x32\...\{FC572E6B-1511-4C53-929A-469D49E1C576}) (Version: 1.0 - )
Mozilla Firefox 84.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 84.0 (x64 es-ES)) (Version: 84.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Demo (HKLM-x32\...\{A66B369B-2927-8B02-ADF7-5BC0FE941034}) (Version: 7.00.1504 - Nero AG)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM-x32\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Spotify (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Spotify) (Version: 1.1.56.595.g2d2da0de - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
UltraStar WorldParty (HKLM-x32\...\UltraStar WorldParty) (Version: 19.12 - UltraStar España)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
Wondershare Video Editor(Build 3.5.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Paula\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [Archivo no firmado] [El archivo está en uso]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-28] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Módulos cargados (Lista blanca) =============

2010-04-01 04:55 - 2010-04-01 04:55 - 000221184 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 04:07 - 2009-03-02 04:07 - 000200704 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2010-11-15 21:04 - 2010-11-15 21:04 - 000019968 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\es_es\acrotray.esp
2011-05-30 23:48 - 2011-05-30 23:48 - 000009216 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 001163264 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2017-10-10 22:47 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000080384 _____ (ACTIONTEC Electronics,Inc) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2010-11-15 21:04 - 2010-11-15 21:04 - 000336384 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenu64.esp
2012-01-20 13:36 - 2010-12-21 03:49 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-05-30 23:48 - 2011-05-30 23:48 - 000053248 _____ (ASUSTeK) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
2011-05-30 23:48 - 2011-05-30 23:48 - 000032768 _____ (ASUSTek) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
2012-01-20 13:43 - 2011-09-06 10:49 - 000114688 _____ (Atheros Communications, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-01-20 13:43 - 2011-09-06 10:49 - 000269824 _____ (Atheros Communications, Inc.) [Archivo no firmado] c:\program files (x86)\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000036864 _____ (ATK) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2017-10-10 17:53 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 000087552 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll
2011-07-28 10:48 - 2011-07-28 10:48 - 000274432 _____ (eCareme Technologies, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 11:37 - 2011-07-29 11:37 - 004526080 _____ (eCareme Technologies, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2011-05-25 09:09 - 2011-05-25 09:09 - 000227840 _____ (eCareme Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 002891264 _____ (FreeImage) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
2012-01-20 13:36 - 2010-12-21 03:45 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2002-02-14 15:00 - 2002-02-14 15:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\VCRUNTIME140.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\MSVCP140.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\ucrtbase.DLL
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\VCRUNTIME140.dll
2021-05-09 21:18 - 2021-05-09 21:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21050912\avast.local_vc142.crt\VCRUNTIME140_1.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000331776 _____ (Realtek Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
2011-05-17 20:31 - 2011-05-17 20:31 - 000200704 _____ (Realtek) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000303104 _____ (Silicon Integrated Systems Corp.) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2010-10-28 22:50 - 2010-10-28 22:50 - 000304128 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcherLOC.DLL
2010-11-27 00:25 - 2010-11-27 00:25 - 000013312 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\PMB\XpStorageDevice_WinXp2k.dll
2009-10-29 03:41 - 2009-10-29 03:41 - 000270336 _____ (The Apache Software Foundation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\LIBEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\982745d5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\982745d5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Versión 11) (Lista blanca) ==========

HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Ltd. -> Safer Networking Limited)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Sin Nombre -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Ningún archivo
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-04-05 19:04 - 2011-02-03 00:00 - 000006861 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 3dns-2.adobe.com #192.150.22.22
127.0.0.1 3dns-3.adobe.com #192.150.14.21
127.0.0.1 3dns-4.adobe.com #192.150.18.247
127.0.0.1 3dns-5.adobe.com #192.150.22.46
127.0.0.1 adobe-dns.adobe.com #192.150.11.30
127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247
127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30
127.0.0.1 adobe.activate.com #69.175.22.26
127.0.0.1 activate.adobe.com #192.150.22.40
127.0.0.1 activate.wip3.adobe.com #192.150.22.40
127.0.0.1 activate.wip4.adobe.com #192.150.22.40
127.0.0.1 activate-sea.adobe.com #192.150.22.40
127.0.0.1 activate-sjc0.adobe.com #192.150.14.69
127.0.0.1 ereg.adobe.com #192.150.18.103
127.0.0.1 ereg.wip3.adobe.com #192.150.18.63
127.0.0.1 ereg.wip4.adobe.com #192.150.18.103
127.0.0.1 practivate.adobe.com #192.150.18.54
127.0.0.1 www.wip3.adobe.com #192.150.8.60
127.0.0.1 www.wip4.adobe.com #192.150.18.200
127.0.0.1 www.adobeereg.com #75.125.24.83
127.0.0.1 adobeereg.com #207.66.2.10
127.0.0.1 hl2rcv.adobe.com #192.150.14.174
127.0.0.1 wwis-dubc1-vip30.adobe.com #192.150.8.30
127.0.0.1 wwis-dubc1-vip31.adobe.com #192.150.8.31
127.0.0.1 wwis-dubc1-vip32.adobe.com #192.150.8.32
127.0.0.1 wwis-dubc1-vip33.adobe.com #192.150.8.33
127.0.0.1 wwis-dubc1-vip34.adobe.com #192.150.8.34
127.0.0.1 wwis-dubc1-vip35.adobe.com #192.150.8.35
127.0.0.1 wwis-dubc1-vip36.adobe.com #192.150.8.36

Hay 90 más lineas.


==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{FDD96A5B-D830-49E1-B8D6-3C634B41B339}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{728C3760-A594-4DED-8B6E-8DD1C4E77369}] => (Allow) LPort=2869
FirewallRules: [{AC882C1F-EBF3-48BF-83D5-5954B640008A}] => (Allow) LPort=1900
FirewallRules: [{58629E3E-7D21-4FC5-8B74-2BCCDB9ECEDF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{209F67F8-9274-4899-AF62-8973792805E9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{34741295-BA62-4A2E-A88E-3BD855175B80}C:\users\paula\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\paula\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{73B81E65-9BEE-42C2-A3AF-ED8BCDF19E0E}C:\users\paula\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\paula\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{134912D3-6A5A-46B7-95FC-2068EAEB5934}C:\users\paula\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\paula\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{116B0A86-761C-401F-B5EC-6DE6CBB53B1B}C:\users\paula\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\paula\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{240A49C9-8819-458F-80E2-9D0840237251}] => (Allow) C:\Program Files (x86)\Movistar\AsistCfg93\awcbrwsr.exe () [Archivo no firmado]
FirewallRules: [{EE889BEF-E375-4A30-9936-B5F9B168E569}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{FF3FDB96-A869-4A66-8453-FA27EA1C0A98}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{BCC8384B-FF51-4488-B001-D7037B453199}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{6318C9B4-3A24-4292-9B27-C03BAE8EBAFA}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{D402182F-DD2C-410C-8B09-C657B2C34A76}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Pando Networks, Inc. -> )
FirewallRules: [{5AFE9D99-D3F4-400C-875A-AC56887D5507}] => (Allow) C:\Users\Paula\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{0EF578D8-D118-4D3F-A0E3-51A7188C1C19}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84069B73-6D65-4B08-BA4B-913926C4A5B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A07B87C-AA23-45F4-B99F-93072C39F50D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B69A035A-658B-4532-8D32-0154578655FD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{28B40F0E-AAD0-4759-AF80-B3BBC87406B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{103F4904-8703-4ADE-9EDC-C489D8E9C1CD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99995D16-5BFA-4A40-939B-BAEEED8D2B61}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{05FF1851-832D-43AF-9390-8E7DF0C149FA}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6C88C0F0-7935-4FC1-9CE4-17D52C4BB903}] => (Allow) LPort=5357
FirewallRules: [{EF2E1C08-F766-4309-B2A5-7E1308A290D8}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2C6407A3-CA90-449C-A6E7-03DA664213A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

03-05-2021 04:20:01 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Concentrador raíz USB
Description: Concentrador raíz USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: usbhub
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/08/2021 12:47:04 PM) (Source: Google Update) (EventID: 20) (User: PORTATIL2)
Description: Event-ID 20

Error: (05/08/2021 09:47:05 AM) (Source: Google Update) (EventID: 20) (User: PORTATIL2)
Description: Event-ID 20

Error: (05/08/2021 03:47:05 AM) (Source: Google Update) (EventID: 20) (User: PORTATIL2)
Description: Event-ID 20

Error: (05/08/2021 12:47:04 AM) (Source: Google Update) (EventID: 20) (User: PORTATIL2)
Description: Event-ID 20

Error: (05/07/2021 08:19:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8122863

Error: (05/07/2021 08:19:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8122863

Error: (05/07/2021 08:19:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/07/2021 08:19:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8121849


Errores del sistema:
=============
Error: (05/09/2021 01:00:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SupportSoft RemoteAssist no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/09/2021 01:00:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HuaweiHiSuiteService64.exe no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/08/2021 09:17:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Support Solutions Framework Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/08/2021 09:17:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio HP Support Solutions Framework Service.

Error: (05/08/2021 09:14:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SupportSoft RemoteAssist no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/08/2021 09:14:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HuaweiHiSuiteService64.exe no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/07/2021 05:18:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Windows Update no respondió después de iniciar.

Error: (05/07/2021 05:15:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Support Solutions Framework Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
================
Date: 2013-04-04 21:09:23.027
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{BE96DE12-4225-40D3-8371-6DD116F5808A}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2013-02-16 20:29:58.789
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{4CD03099-800F-46F4-9D13-7D7748517B27}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-09-18 21:28:13.000
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{09DBA661-8E25-4B7C-9D14-06F6EFEA3172}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-09-15 19:04:49.168
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A9A2F6A1-8454-4485-A8D6-C6DEEC0780CB}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-07-11 07:04:04.547
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{CA81D4BB-349F-4323-8A1C-8B82641A9F66}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. K54HR.202 12/26/2011
Placa base: ASUSTeK Computer Inc. K54HR
Procesador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Porcentaje de memoria en uso: 92%
RAM física total: 3056.13 MB
RAM física disponible: 240.28 MB
Virtual total: 6558.43 MB
Virtual disponible: 510.73 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:37.41 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:34.2 GB) NTFS


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola buenas @pau.ele

:zero: PREGUNTAS

¿Hoy en día utilizas este software?

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

¿Qué antivirus utilizas a día de hoy? Entiendo que por todo lo que he visto utilizas Avast. ¿Correcto?

¿Reconoces estos programas? ¿Alguien antes utilizo esta máquina con idiomas extranjeros o alfabetos muy poco comunes para un país de habla española?

Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

:one: DESINSTALACIÓN PROGRAMAS

Para los programas en que te diga: puedes quitarlos. Hazlo así:

Desinstalalos con Revo Uninstaller en su Modo Avanzado. Para ello sigues su manual la parte de desinstalación de programas.

Quitas todos los programas que encuentre Revo con los nombres de: Spybot - Search & Destroy, Visual Studio 2012 x64 Redistributables, Visual Studio 2012 x86 Redistributables, Wondershare Video Editor o Wondershare + Lo que sea.

Pues serían los siguientes:

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wondershare Video Editor(Build 3.5.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)

Estos deben de quedar completamente desinstalados.

¿Reconoces este programa?

PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden

:two: DESINSTALACIÓN EXTENSIONES

Para las extensiones en que te diga: puedes quitarlas. Hazlo así:

Accedes a Chrome y quitas las extensiones llamadas: Sin Nombre y Chrome Media Router. Son estas:

CHR Extension: (Sin Nombre) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2021-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]

:three: Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

  • Reinicias el ordenador en Modo Normal.

  • Descargas DelFix en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.

  • Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(Safer Networking Ltd. -> Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [Archivo no firmado]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a4e-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a5b-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a8c-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1a98-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {057f1aba-23a1-11e7-981c-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {38352aa2-302c-11e7-9f9f-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {3de8dd11-f5fc-11e7-ac8b-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {506ff2fc-95ba-11e9-83da-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {573428db-23a7-11e7-86fb-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {89e6f77b-8ad5-11e9-aaf6-c86000109572} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {8b03b66f-83bc-11e4-b8aa-c86000109572} - H:\LGAutoRun.exe
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\MountPoints2: {e35ed135-88ff-11e8-9394-c86000109572} - F:\HiSuiteDownLoader.exe
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
IFEO\LOGTRANSPORT2.EXE: [Debugger] 0
GroupPolicy\User: Restricción ? <==== ATENCIÓN
GroupPolicyUsers\S-1-5-21-3305915279-4216548775-2174266474-1005\User: Restricción <==== ATENCIÓN
Policies: C:\Users\Alex\NTUSER.pol: Restricción <==== ATENCIÓN
Policies: C:\Users\Paula\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {32C02F56-EA93-41A1-8837-9C9C066AF645} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {45AC64D9-5A87-48B1-BED5-3B6F65C03662} - System32\Tasks\Norton Family\Norton Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.6.0.31\SymErr.exe
Task: {77668B24-CB62-4C46-91B3-994E297A6CC4} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {DC642149-8B6D-4560-9B82-5CC9F597E9D3} - System32\Tasks\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Electronic Arts\Uninstall.exe"
Task: {E34A57D8-56F3-49FE-9FB3-262AC8E0792E} - System32\Tasks\Norton Family\Norton Error Processor => C:\Program Files (x86)\Norton Family\Engine\3.6.0.31\SymErr.exe
FF HKLM\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFAddon => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFFw => no encontrado
FF HKLM-x32\...\Firefox\Extensions: [{8A0D66E3-1C08-49A6-8F6C-7E024029D199}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.4.0.43\coFFAddon => no encontrado
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
CHR Extension: (Sin Nombre) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp [2021-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [napjheenlliimoedooldaalpjfidlidp] - <no Path/update_url>
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd. -> Safer Networking Ltd.)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]
S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [X]
U3 ADOBEUPDATESERVICE; no ImagePath
U1 aswbdisk; no ImagePath
2021-05-09 13:17 - 2018-12-12 17:50 - 000003476 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineUA
2021-05-09 13:17 - 2018-12-12 17:50 - 000003348 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineCore
2021-05-09 13:17 - 2014-02-03 15:14 - 000003094 _____ C:\Windows\system32\Tasks\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70}
2015-07-16 10:18 - 2015-07-16 10:18 - 006420480 _____ () C:\Program Files (x86)\GUT8BE4.tmp
2019-05-15 01:56 - 2019-05-15 01:56 - 006922240 _____ () C:\Program Files (x86)\GUTFDDD.tmp
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Ltd. -> Safer Networking Limited)
BHO-x32: Sin Nombre -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Ningún archivo
Toolbar: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
C:\Program Files (x86)\Spybot - Search & Destroy
C:\Windows\SysWOW64\NeroCheck.exe
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Norton Family
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\napjheenlliimoedooldaalpjfidlidp
C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Folder: C:\Users\Paula\.afirma;C:\Windows\pss
File: C:\Windows\SysWOW64\acovcnt.exe
VirusTotal: C:\Windows\SysWOW64\acovcnt.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

:warning: El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente (OJO, en MODO NORMAL):

  1. Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).

  2. Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.

  3. Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.

  4. Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

:warning: Muy Importante :warning: Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Buenas @Marr0n

No, no recuerdo haber utilizado nunca ese software

Sí, tengo el Avast la versión premium

Ni idea, nadie de habla no hispana ha utilizado este PC, al menos que yo sepa.

Tampoco reconozco este programa

El resto de pasos creo que los he seguido correctamente, el error inicial sigue corregido y parece que el PC va más rápido ahora. Copio a continuación el fichero FIXLOG:


Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 11-05-2021 00:03:59)


Resultado de las claves programadas para eliminar después de reiniciar:

HKLM\System\CurrentControlSet\Services\aswbdisk => no pudo ser eliminado, clave podría estar protegida

==== Final  Fixlog 00:04:00 ====

Hola, buenas @pau.ele

OK. Pues lo quitaremos en breves…

OK :+1: perfecto.

OK. Pues los quitaremos también en breves…

OK. Debemos de quitarlo también.

:+1:

Respecto al FIXLOG… ¿No tienes/hay nada más? Solo tienes este. ¿Correcto?

Confírmame esto que te pregunto… reinicias la máquina y me traes dos nuevos logs de FRST. Para ello lo ejecutas de la forma que te dije en:

Salu2.

Una cosa que se me olvidaba…

¿Antes de ejecutar el FRST pudiste desinstalar correctamente el Spybot - Search & Destroy y también el Wondershare Video Editor?

Me cuentas acerca de ambos y haces el resto de lo que te dije en mi anterior mensaje.

Salu2.

Buenas @Marr0n perdón por tardar, no he podido conectarme antes.

Sí, ese era el único que tenía.

Sí, pude desinstalar ambos programas sin problemas.

He vuelto a ejecutar FRST te dejo los logs a continuación.

FRST:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 09-05-2021
Ejecutado por Paula (administrador) sobre PORTATIL2 (ASUSTeK Computer Inc. K54HR) (18-05-2021 16:07:56)
Ejecutado desde C:\Users\Paula\Desktop
Perfiles cargados: Paula
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Alcor Micro Corp.) [Archivo no firmado] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ASUS) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK) [Archivo no firmado] C:\Windows\SysWOW64\ACEngSvr.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\instup.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Paula\AppData\Local\WebEx\ciscowebexstart.exe
(Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Paula\AppData\Local\WebEx\WebEx\Meetings_01\atmgr.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A4FA20AE-149D-4914-B83C-F8D4B06D73A9}\90.0.4430.212_90.0.4430.93_chrome_updater.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{A4FA20AE-149D-4914-B83C-F8D4B06D73A9}\CR_B1CB0.tmp\setup.exe <2>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.) [Archivo no firmado]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2011-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Archivo no firmado]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Sonic Focus, Inc. -> Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Run: [CiscoMeetingDaemon] => C:\Users\Paula\AppData\Local\WebEx\ciscowebexstart.exe [2841816 2021-04-02] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [53656 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2011-01-10] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2011-10-19]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2012-01-20]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe () [Archivo no firmado]
Policies: C:\Users\Paula\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {05DF956D-00C6-48D3-96F5-48A37C80B194} - System32\Tasks\{A8EF65AE-4BB2-470A-80B1-099BD54D3A28} => C:\PROGRAM FILES\Encore 4.5.3\Encore 4.5.3.exe
Task: {07078F74-CA74-4A10-86D5-A09B40D0EB99} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {216158C5-3425-44CC-9D58-9017BDA19420} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [82944 2011-05-30] (ASUS) [Archivo no firmado]
Task: {22D00972-DD49-4F89-B51B-975CD1E8AE8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {2C87C2F4-0375-465F-8B6A-D6C0B7B6772A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
Task: {33BEDAD1-B168-4265-8321-B51ED3FBBFFE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {458FFCED-B203-4D39-A60F-4A945A958141} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4C9E3BC0-D2D8-4A1A-B106-5589F666A542} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {525188E6-DA01-490D-83BA-693981E688C3} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {6C062F41-EC3E-4AE7-91FF-4C77A61D1A5C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2138752 2012-11-02] (Microsoft Corporation -> Microsoft)
Task: {8B31F360-E921-417B-8D33-B29F3BE05B60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8F3231C0-70FB-405B-A95D-EB5C68B42658} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1547424 2011-09-30] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {97574361-E74A-49F1-9527-B5CCA65A926C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {B94B74C3-5CE1-40B1-BC6A-29ABCC930842} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {C28D7976-D835-495D-B0F4-0ECF02AF2F80} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-06] (Facebook, Inc. -> Facebook Inc.)
Task: {C764E106-D311-4654-A51E-66FBA1F37BF1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D675A75D-7F25-4A66-9D6A-4842F1FD039F} - System32\Tasks\{3F47884D-C78F-4903-BD56-E151CDB0F30D} => C:\PROGRAM FILES\Encore 4.5.3\Encore 4.5.3.exe
Task: {D69F5D89-E5A0-4318-923B-7DAD1C6F1B12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D73E6F00-64DF-4E1B-8FEA-AEB5F4C7C613} - System32\Tasks\{BA1756F8-0E6E-48AC-8C7B-6635DA528298} => C:\Windows\system32\pcalua.exe -a "C:\Users\Luis\Desktop\Programas de Audio y Música\Encore 4.5\Encore 4.5.3 setup.exe" -d "C:\Users\Luis\Desktop\Programas de Audio y Música\Encore 4.5"
Task: {DA4E7FC5-EECD-49CB-894A-68950384B151} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AVGUpdateTaskMachineCore" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVGUpdateTaskMachineUA" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\SidebarExecute" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{6498E195-9FD1-4FCE-BB66-F149DDE8C9CF}" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\{4EF9A0BA-2ECC-4B65-8C01-D5C4C3959F70}" /ENABLE
Task: {E7FC02E7-AC90-4CFA-B79C-23884C9494F6} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {EB15DE99-55B4-4064-9D11-A26DA1486AC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {F05959AE-4C35-4FA3-A6DD-12CA5A5A7F10} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {F1A99C82-F779-4460-9CF9-85F593C469B1} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [1001088 2011-06-01] (ASUSTeK Computer Inc. -> ASUS)
Task: {F81F554C-FDE7-496F-B854-3777865808CB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-06] (Facebook, Inc. -> Facebook Inc.)
Task: {FF4A02C5-AE1A-4021-B5AB-AB388F9C6CDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core.job => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA.job => C:\Users\Paula\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6EFA9321-221D-4A20-9C63-038ACB527C22}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C6646913-322C-46F8-8A50-FF8956CE8783}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: mbbmc3ii.default
FF ProfilePath: C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\mbbmc3ii.default [2021-05-10]
FF Extension: (Google Translator for Firefox) - C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\mbbmc3ii.default\Extensions\[email protected] [2019-03-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2021-04-05] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2014-01-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2014-01-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-12] (Pando Networks, Inc. -> Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3305915279-4216548775-2174266474-1005: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Paula\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-3305915279-4216548775-2174266474-1005: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-12] (Pando Networks, Inc. -> Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Paula\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-01-04]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default [2021-05-18]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.netflix.com
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxps://www.academiamir.com/mir/login.jsp?logout=1"
CHR Extension: (Google Drive) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (uBlock Origin) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-08]
CHR Extension: (Búsqueda de Google) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Calendar) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (hxxps://www.netflix.com/browse) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppojlglocelodeimnohnlnionkobfln [2019-02-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18]
CHR Extension: (Google Keep: notas y listas) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-05-04]
CHR Extension: (Dropbox) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-04-02]
CHR Extension: (hxxp://moodle.urv.net/moodle/) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhkblkgomlhfgpdkejnmepdafabcljac [2014-09-02]
CHR Extension: (Webcam Toy) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-27]
CHR Extension: (Google Maps) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Paula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-11]
CHR Profile: C:\Users\Paula\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-10]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1281760 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Archivo no firmado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 982745d5; C:\Windows\System32\Drivers\982745d5.sys [110496 2021-05-03] (AO Kaspersky Lab -> AO Kaspersky Lab)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [212192 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365024 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180448 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522384 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-05-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107792 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82872 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850632 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467720 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215352 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326992 2021-04-25] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2769920 2011-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
S3 klupd_982745d5a_arkmon_098C6A3A; C:\KVRT2020_Data\Temp\098C6A3A56693228A09FEAB69A99874F\klupd_982745d5a_arkmon.sys [245752 2021-05-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-29] (Malwarebytes Inc -> Malwarebytes)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-11 00:04 - 2021-05-11 00:04 - 000000332 _____ C:\Users\Paula\Desktop\Fixlog.txt
2021-05-10 23:52 - 2021-05-10 23:52 - 000000304 __RSH C:\Users\Paula\ntuser.pol
2021-05-10 23:40 - 2021-05-10 23:40 - 000000262 _____ C:\Users\Paula\Desktop\DelFix.txt
2021-05-10 23:36 - 2021-05-10 23:40 - 000000262 _____ C:\DelFix.txt
2021-05-10 23:36 - 2021-05-10 23:36 - 000000000 ____D C:\Windows\ERUNT
2021-05-10 23:34 - 2021-05-10 23:35 - 000797760 _____ C:\Users\Paula\Desktop\delfix.exe
2021-05-10 23:03 - 2021-05-10 23:03 - 000001036 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-05-10 23:03 - 2021-05-10 23:03 - 000001036 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2021-05-10 23:03 - 2021-05-10 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-05-10 23:03 - 2021-05-10 23:03 - 000000000 ____D C:\Program Files\VS Revo Group
2021-05-10 22:58 - 2021-05-10 22:58 - 007495512 _____ (VS Revo Group ) C:\Users\Paula\Desktop\revosetup.exe
2021-05-10 00:27 - 2021-05-10 00:55 - 000025865 _____ C:\Users\Paula\Desktop\Addition.txt
2021-05-10 00:24 - 2021-05-18 16:10 - 000036662 _____ C:\Users\Paula\Desktop\FRST.txt
2021-05-10 00:23 - 2021-05-18 16:09 - 000000000 ____D C:\FRST
2021-05-10 00:21 - 2021-05-10 00:22 - 002298880 _____ (Farbar) C:\Users\Paula\Desktop\FRST64.exe
2021-05-07 15:07 - 2021-05-07 15:07 - 000002678 _____ C:\Users\Paula\Desktop\ZPH.txt
2021-05-07 15:07 - 2021-05-07 15:07 - 000000000 ____D C:\Users\Paula\Desktop\ZPH
2021-05-07 14:30 - 2021-05-10 00:13 - 000000000 ____D C:\Users\Paula\AppData\Roaming\ZHP
2021-05-07 14:30 - 2021-05-07 14:30 - 000000000 ____D C:\Users\Paula\AppData\Local\ZHP
2021-05-07 14:28 - 2021-05-07 14:28 - 003327128 _____ (Nicolas Coolman) C:\Users\Paula\Desktop\ZHPCleaner.exe
2021-05-03 00:16 - 2021-05-03 00:16 - 000110496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\982745d5.sys
2021-05-03 00:15 - 2021-05-03 00:16 - 000000000 ____D C:\KVRT2020_Data
2021-05-03 00:10 - 2021-05-03 00:10 - 000002466 _____ C:\Users\Paula\Desktop\eset.txt
2021-05-02 19:38 - 2021-05-02 19:38 - 000000558 _____ C:\Users\Paula\Desktop\ESET Online Scanner.lnk
2021-05-02 19:37 - 2021-05-02 19:37 - 000000000 ____D C:\Users\Paula\AppData\Local\ESET
2021-05-02 19:36 - 2021-05-02 19:37 - 103321912 _____ (AO Kaspersky Lab) C:\Users\Paula\Desktop\KVRT.exe
2021-05-02 19:33 - 2021-05-02 19:33 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Paula\Desktop\esetonlinescanner.exe
2021-04-30 00:36 - 2021-04-30 00:39 - 000000000 ____D C:\AdwCleaner
2021-04-30 00:27 - 2021-04-30 00:27 - 000021508 _____ C:\Users\Paula\Desktop\MalwarebytesInforme.txt
2021-04-29 20:52 - 2021-05-11 08:36 - 000000000 ____D C:\Users\Paula\AppData\LocalLow\IGDump
2021-04-29 20:45 - 2021-04-29 20:45 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-29 20:45 - 2021-04-29 20:45 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-04-29 20:45 - 2021-04-29 20:45 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000001950 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000001950 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-29 20:45 - 2021-04-29 20:45 - 000000000 ____D C:\Users\Paula\AppData\Local\mbam
2021-04-29 20:44 - 2021-04-29 20:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-29 20:44 - 2021-04-29 20:43 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-04-29 20:42 - 2021-04-29 20:42 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-29 20:39 - 2021-04-29 20:40 - 210366080 _____ (Malwarebytes) C:\Users\Paula\Desktop\mb4-setup-consumer-4.3.0.218-1.0.1273-1.0.39721.exe
2021-04-29 20:25 - 2021-04-29 20:25 - 002078632 _____ (Malwarebytes) C:\Users\Paula\Desktop\MBSetup.exe
2021-04-29 20:24 - 2021-04-29 20:24 - 008534696 _____ (Malwarebytes) C:\Users\Paula\Desktop\adwcleaner_8.2.exe
2021-04-29 20:22 - 2021-04-29 20:22 - 000149218 _____ C:\Users\Paula\Desktop\Eliminar Malwares - ForoSpyware.pdf
2021-04-28 13:34 - 2021-04-28 13:34 - 000169752 _____ C:\Users\Paula\Desktop\Listado de Citas. Consulta.pdf
2021-04-28 13:31 - 2021-04-28 20:47 - 000186812 _____ C:\Users\Paula\Desktop\CITA PREVIA DNI PASAPORTE.pdf
2021-04-25 16:16 - 2021-04-25 16:15 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-04-25 16:16 - 2021-04-25 16:15 - 000215352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-04-20 12:59 - 2021-04-28 20:48 - 000000000 ____D C:\Users\Paula\Desktop\disco
2021-04-19 12:18 - 2021-04-19 12:18 - 000000000 ____D C:\Windows\pss

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-18 16:08 - 2020-05-18 11:46 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-18 16:03 - 2012-04-14 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-05-18 16:02 - 2018-01-04 17:00 - 000000000 ____D C:\Users\Paula\AppData\Local\WebEx
2021-05-18 16:02 - 2012-04-11 18:29 - 000000000 ___HD C:\ASUS.DAT
2021-05-18 16:01 - 2012-04-12 17:33 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-18 16:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-11 08:46 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-11 08:46 - 2009-07-14 06:45 - 000018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-11 08:40 - 2014-02-02 13:54 - 000000000 ____D C:\Users\Paula\AppData\Local\CrashDumps
2021-05-11 08:35 - 2012-04-11 18:29 - 000045056 _____ C:\Windows\SysWOW64\acovcnt.exe
2021-05-10 23:52 - 2012-06-30 23:40 - 000000000 ____D C:\Users\Paula
2021-05-10 23:51 - 2013-09-06 12:40 - 000000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA.job
2021-05-10 23:51 - 2013-09-06 12:40 - 000000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core.job
2021-05-10 23:48 - 2018-05-31 20:57 - 000000000 ____D C:\Users\Paula\AppData\LocalLow\Temp
2021-05-10 23:46 - 2013-09-18 23:19 - 000000000 ____D C:\Windows\system32\Tasks\Norton Family
2021-05-10 23:46 - 2012-07-18 12:13 - 000000000 ____D C:\Users\Alex
2021-05-10 23:46 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2021-05-10 23:30 - 2020-05-21 10:28 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-10 23:30 - 2019-01-09 00:35 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-10 23:30 - 2017-02-08 18:58 - 000002792 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-10 23:30 - 2013-09-06 12:40 - 000003914 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005UA
2021-05-10 23:30 - 2013-09-06 12:40 - 000003546 _____ C:\Windows\system32\Tasks\FacebookUpdateTaskUserS-1-5-21-3305915279-4216548775-2174266474-1005Core
2021-05-10 23:30 - 2013-04-30 21:30 - 000003982 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{6498E195-9FD1-4FCE-BB66-F149DDE8C9CF}
2021-05-10 23:30 - 2013-01-08 23:09 - 000003118 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-05-10 23:30 - 2013-01-08 23:09 - 000003090 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-05-10 23:30 - 2012-09-17 17:57 - 000003534 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-10 23:30 - 2012-09-17 17:57 - 000003406 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-10 23:30 - 2012-04-15 10:28 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-05-10 23:30 - 2012-01-20 13:44 - 000003160 _____ C:\Windows\system32\Tasks\SidebarExecute
2021-05-10 19:40 - 2018-09-08 10:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-05-07 14:45 - 2016-05-28 16:58 - 000000000 ____D C:\Program Files (x86)\QuickTime
2021-04-30 00:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-04-30 00:33 - 2012-01-20 13:45 - 000001988 _____ C:\Windows\system32\ServiceFilter.ini
2021-04-30 00:27 - 2013-02-26 17:14 - 000000000 ____D C:\Users\Paula\AppData\Roaming\uTorrent
2021-04-29 20:26 - 2011-02-19 06:19 - 000759382 _____ C:\Windows\system32\perfh00A.dat
2021-04-29 20:26 - 2011-02-19 06:19 - 000163162 _____ C:\Windows\system32\perfc00A.dat
2021-04-29 20:26 - 2009-07-14 07:13 - 001708978 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-28 13:30 - 2019-09-10 09:41 - 000000000 ____D C:\Users\Paula\.afirma
2021-04-27 13:15 - 2012-09-17 17:57 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-26 21:14 - 2020-06-01 11:44 - 000000000 ____D C:\Users\Paula\AppData\Local\Spotify
2021-04-26 21:12 - 2020-06-01 11:41 - 000000000 ____D C:\Users\Paula\AppData\Roaming\Spotify
2021-04-25 16:20 - 2019-01-09 00:33 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-25 16:15 - 2020-10-14 09:43 - 000180448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000522384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000467720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000326992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000250336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000082872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-04-25 16:15 - 2020-05-18 11:46 - 000041296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000850632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000365024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-04-25 16:14 - 2020-05-18 11:46 - 000212192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys

==================== Archivos en la raíz de algunos directorios ========

2019-05-31 20:49 - 2019-05-31 20:49 - 000003725 _____ () C:\Program Files\48588549Z_PAULA_LILLO__1559328497699.p12
2020-05-05 18:31 - 2020-05-05 18:31 - 000008704 _____ () C:\Users\Paula\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-05-03 04:13
==================== Final de FRST.txt ========================

Addition:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 09-05-2021
Ejecutado por Paula (18-05-2021 16:11:10)
Ejecutado desde C:\Users\Paula\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-11 16:28:31)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3305915279-4216548775-2174266474-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3305915279-4216548775-2174266474-1003 - Limited - Enabled)
Invitado (S-1-5-21-3305915279-4216548775-2174266474-501 - Limited - Enabled)
Paula (S-1-5-21-3305915279-4216548775-2174266474-1005 - Administrator - Enabled) => C:\Users\Paula

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM-x32\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
AMD Catalyst Install Manager (HKLM\...\{363A0366-B490-43BF-3478-4E83209389E4}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.5 - Gobierno de España)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-L2500D series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
Centro de Ratón y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\ActiveTouchMeetingClient) (Version: 41.1.3 - Cisco Webex LLC)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
darktable (HKLM\...\darktable) (Version: 2.4.1 - the darktable project)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Fliqlo Protector de pantalla (HKLM-x32\...\Fliqlo) (Version:  - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 2540 series Software básico del dispositivo (HKLM\...\{2FE8E982-BB5C-4660-81AF-B9DD389A5F58}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{E8FF0A82-0696-4347-B4AE-708DE306FFE9}) (Version: 12.18.34.21 - HP Inc.)
Human Anatomy Atlas 3.0.1 (HKLM-x32\...\Human Anatomy Atlas 3.0.1) (Version:  - )
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.5 - ASUS)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0401-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0404-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0419-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0816-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MidiNotate Composer (HKLM-x32\...\{FC572E6B-1511-4C53-929A-469D49E1C576}) (Version: 1.0 - )
Mozilla Firefox 84.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 84.0 (x64 es-ES)) (Version: 84.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Demo (HKLM-x32\...\{A66B369B-2927-8B02-ADF7-5BC0FE941034}) (Version: 7.00.1504 - Nero AG)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Paquete de compatibilidad para 2007 Office system (HKLM-x32\...\{90120000-0020-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM-x32\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Spotify (HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\...\Spotify) (Version: 1.1.56.595.g2d2da0de - Spotify AB)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version:  - Oberon Media)
UltraStar WorldParty (HKLM-x32\...\UltraStar WorldParty) (Version: 19.12 - UltraStar España)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.24 - ASUS)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Paula\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-09-28] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki

==================== Módulos cargados (Lista blanca) =============

2010-11-15 21:04 - 2010-11-15 21:04 - 000019968 _____ () [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\es_es\acrotray.esp
2011-09-30 03:06 - 2011-09-30 03:06 - 000208384 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
2011-05-30 23:48 - 2011-05-30 23:48 - 000009216 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 001163264 _____ () [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2017-10-10 22:47 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000080384 _____ (ACTIONTEC Electronics,Inc) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2012-01-20 13:36 - 2010-12-21 03:49 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-05-30 23:48 - 2011-05-30 23:48 - 000053248 _____ (ASUSTeK) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
2011-05-30 23:48 - 2011-05-30 23:48 - 000032768 _____ (ASUSTek) [Archivo no firmado] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
2012-01-20 13:43 - 2011-09-06 10:49 - 000114688 _____ (Atheros Communications, Inc.) [Archivo no firmado] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-01-20 13:43 - 2011-09-06 10:49 - 000269824 _____ (Atheros Communications, Inc.) [Archivo no firmado] c:\program files (x86)\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000036864 _____ (ATK) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2017-10-10 17:53 - 2014-06-16 15:45 - 000137728 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 000083968 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 017955328 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-10-10 17:53 - 2014-06-16 16:03 - 000087552 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll
2011-05-25 09:09 - 2011-05-25 09:09 - 000227840 _____ (eCareme Technologies, Inc.) [Archivo no firmado] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 002891264 _____ (FreeImage) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
2012-01-20 13:36 - 2010-12-21 03:45 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2002-02-14 15:00 - 2002-02-14 15:00 - 000024576 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\3082\mdmui.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\ucrtbase.DLL
2020-07-09 20:06 - 2020-07-09 20:06 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\3082\avast.local_vc142.crt\VCRUNTIME140.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\MSVCP140.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\ucrtbase.DLL
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\VCRUNTIME140.dll
2021-05-11 08:39 - 2021-05-11 08:39 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21051100\avast.local_vc142.crt\VCRUNTIME140_1.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000331776 _____ (Realtek Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
2011-05-17 20:31 - 2011-05-17 20:31 - 000200704 _____ (Realtek) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 000303104 _____ (Silicon Integrated Systems Corp.) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2010-10-28 22:50 - 2010-10-28 22:50 - 000304128 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcherLOC.DLL
2010-11-27 00:25 - 2010-11-27 00:25 - 000013312 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\PMB\XpStorageDevice_WinXp2k.dll
2011-09-13 23:33 - 2011-09-13 23:33 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\ASUS\Wireless Console 3\LIBEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\982745d5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\982745d5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Versión 11) (Lista blanca) ==========

HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3305915279-4216548775-2174266474-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-04-05 19:04 - 2021-05-10 23:47 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-3305915279-4216548775-2174266474-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Puntos de Restauración =========================

03-05-2021 04:20:01 Punto de control programado
10-05-2021 20:57:52 Punto de control programado
10-05-2021 23:06:43 Revo Uninstaller's restore point - Spybot - Search & Destroy
10-05-2021 23:13:17 Revo Uninstaller's restore point - Visual Studio 2012 x64 Redistributables
10-05-2021 23:17:31 Revo Uninstaller's restore point - Visual Studio 2012 x86 Redistributables
10-05-2021 23:19:42 Revo Uninstaller's restore point - Wondershare Video Editor(Build 3.5.1)
10-05-2021 23:45:31 Restore Point Created by FRST

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Concentrador raíz USB
Description: Concentrador raíz USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: usbhub
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/11/2021 08:40:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.974, marca de tiempo: 0x607861f0
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x603971ce
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219dc5
Id. del proceso con errores: 0x190c
Hora de inicio de la aplicación con errores: 0x01d7463045bdfb67
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Id. del informe: c1699d4a-b223-11eb-b166-c86000109572

Error: (05/10/2021 11:45:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {82b86816-53d2-430c-a4c1-db9905c2683c}

Error: (05/10/2021 11:45:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {8a7db202-8a46-4cb2-8851-0ebbc92be539}

Error: (05/10/2021 11:45:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {82b86816-53d2-430c-a4c1-db9905c2683c}

Error: (05/10/2021 11:19:42 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {9aa34a19-d66d-430c-bce7-25fcb1b39ffe}

Error: (05/10/2021 11:19:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {9aa34a19-d66d-430c-bce7-25fcb1b39ffe}

Error: (05/10/2021 11:17:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {9aa34a19-d66d-430c-bce7-25fcb1b39ffe}

Error: (05/10/2021 11:17:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-3305915279-4216548775-2174266474-1005.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {9aa34a19-d66d-430c-bce7-25fcb1b39ffe}


Errores del sistema:
=============
Error: (05/18/2021 04:05:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio HP Support Solutions Framework Service no respondió después de iniciar.

Error: (05/11/2021 08:46:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {995C996E-D918-4A8C-A302-45719A6F4EA7} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/11/2021 08:36:00 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80004005" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.

Error: (05/11/2021 12:05:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/11/2021 12:05:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Search.

Error: (05/11/2021 12:05:40 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1053" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/11/2021 12:04:59 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1053" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (05/11/2021 12:04:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
================
Date: 2013-04-04 21:09:23.027
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{BE96DE12-4225-40D3-8371-6DD116F5808A}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2013-02-16 20:29:58.789
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{4CD03099-800F-46F4-9D13-7D7748517B27}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-09-18 21:28:13.000
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{09DBA661-8E25-4B7C-9D14-06F6EFEA3172}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-09-15 19:04:49.168
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A9A2F6A1-8454-4485-A8D6-C6DEEC0780CB}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2012-07-11 07:04:04.547
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{CA81D4BB-349F-4323-8A1C-8B82641A9F66}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. K54HR.202 12/26/2011
Placa base: ASUSTeK Computer Inc. K54HR
Procesador: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Porcentaje de memoria en uso: 90%
RAM física total: 3056.13 MB
RAM física disponible: 293.27 MB
Virtual total: 6110.43 MB
Virtual disponible: 2396.82 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:35.18 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:34.2 GB) NTFS


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================