Blacklist en windows 7

Instale Malwarebytes, hice la limpieza y despues de reiniciar la PC no me deja abrir mas Malwarebytes, tira el siguiente error “Unable to connect the server”. No puedo obtener el registro.

Hola nuevamente,

El que no se pueda ejecutar Malwarebytes podría ser señal de otra infección. Por lo que si te parece vamos a hacer un par de revisiones más si te parece.

Revisa el siguiente manual:

Ejecuta un Análisis Personalizado con ESET Online Scanner como se indica en el manual. Posteriormente ve al apartado de Informe de analisis y revisa como obtener el reporte.

Esperamos ese reporte.

Saludos

Agrego que hoy borre un monton de ejecutables en mi carpeta Mis Documentos, debieron ser unos 20 archivos que yo no había bajado.

1 me gusta

Hola nuevamente,

Muy bien. Procede con el escaneo y nos comentas para ver resultados.

Saludos

1 me gusta

Log de ESET

30/06/2021 17:48:20 p.m.
Archivos analizados: 581008
Archivos detectados: 22
Archivos desinfectados: 22
Tiempo total de análisis 01:44:36
Estado del análisis: Finalizado


C:\ODIN.v1.2.3\ODIN 1.2.3\drivers\oem-drv86.sys	una variante de Win32/HackKMS.M aplicación potencialmente no segura	desinfectado por eliminación
C:\ODIN.v1.2.3\ODIN 1.2.3\odin.exe	una variante de MSIL/HackKMS.C aplicación potencialmente no segura	desinfectado por eliminación
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3UD5G5Z\app[1].bmp	una variante de Win32/Kryptik.HLNP Troyano	desinfectado por eliminación
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G3UD5G5Z\Intestines[1].bmp	una variante de MSIL/Kryptik.ABQA Troyano	desinfectado por eliminación
C:\Users\Gustavo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I5JLQUZ4\28_6_r_net[1].bmp	una variante de MSIL/Kryptik.ABQA Troyano	desinfectado por eliminación
D:\pendrive\activado office\Office 2010 Toolkit and EZ-Activator 2.2.3\Office 2010 Toolkit.exe	una variante de MSIL/HackKMS.G aplicación potencialmente no segura	desinfectado por eliminación
D:\pendrive\activado office\Office 2010 _Toolkit_.exe	una variante de MSIL/HackKMS.A aplicación potencialmente no segura	desinfectado por eliminación
D:\programas\activado office\Office 2010 Toolkit and EZ-Activator 2.2.3\Office 2010 Toolkit.exe	una variante de MSIL/HackKMS.G aplicación potencialmente no segura	desinfectado por eliminación
D:\programas\activado office\Office 2010 _Toolkit_.exe	una variante de MSIL/HackKMS.A aplicación potencialmente no segura	desinfectado por eliminación
D:\programas\FileZilla_3.28.0_win64-setup_bundled.exe	una variante de Win32/FusionCore.Q aplicación potencialmente no deseada	desinfectado por eliminación
D:\server\sexshop\imagenes_productos\A2_0.jpg	PHP/Flooder.Agent.NAA virus	eliminado
D:\server\sexshop\imagenes_productos\A2_5.jpg	PHP/Flooder.Agent.NAA virus	eliminado
D:\server\sexshop\imagenes_productos\AAM0200172_1.jpg	PHP/C99Shell.NAM Troyano	desinfectado por eliminación
D:\server\sexshop\imagenes_productos\AAP300314_0.jpg	PHP/Rst.R Troyano	desinfectado por eliminación
D:\server\sexshop\imagenes_productos\ACA14_1.jpg	PHP/Flooder.Agent.NAA virus	eliminado
D:\Users\Gustavo\Documents\hobbies\ReimageRepair (1).exe	una variante de Win32/ReImageRepair.K aplicación potencialmente no deseada	desinfectado por eliminación
D:\Users\Gustavo\Documents\hobbies\ReimageRepair.exe	una variante de Win32/ReImageRepair.K aplicación potencialmente no deseada	desinfectado por eliminación
D:\Users\Gustavo\Documents\Mis Webs\juegos-intimos\sexshop\imagenes_productos\A2_0.jpg	PHP/Flooder.Agent.NAA virus	eliminado
D:\Users\Gustavo\Documents\Mis Webs\juegos-intimos\sexshop\imagenes_productos\A2_5.jpg	PHP/Flooder.Agent.NAA virus	eliminado
D:\Users\Gustavo\Documents\Mis Webs\juegos-intimos\sexshop\imagenes_productos\AAM0200172_1.jpg	PHP/C99Shell.NAM Troyano	desinfectado por eliminación
D:\Users\Gustavo\Documents\Mis Webs\juegos-intimos\sexshop\imagenes_productos\AAP300314_0.jpg	PHP/Rst.R Troyano	desinfectado por eliminación
D:\Users\Gustavo\Documents\Mis Webs\juegos-intimos\sexshop\imagenes_productos\ACA14_1.jpg	PHP/Flooder.Agent.NAA virus	eliminado

Espero haber limpiado

Reinicie la PC después del análisis de ESET y Malwarebytes no abre.

Buenas

Bueno se encontraron varias infecciones destacables.

Si te parece vamos a ejecutar otro programa más, posteriormente podemos pasar a evaluar un poco el estado del equipo.

:white_check_mark: Descarga DrWeb Cureit:

Dr.Web CureIt! | InfoSpyware >> Manual de Uso

Ejecuta Drweb según su manual considerando lo siguiente::

  • Ejecuta un análisis personalizado con los parámetros que indica el manual
  • Asegurate de poner el reporte en mínimo como indica el manual
  • Curas, Mueves y Eliminas, lo que encuentre según te de la opción y con ese orden de preferencia.
  • Si te detecta el archivo Hosts puedes permitir que DrWeb lo restaure.
  • Al terminar, revisa el manual en la sección Informe de análisis obtener la parte del reporte que nos interesa.

Esperamos ese reporte y cualquier otra duda.

Saludos

1 me gusta

No logro descargar el Dr Web Curelt y en su web, me manda a dscargar un archivo de 240MB

Para descargar el archivo en la web que indique ¿Marca algún error?

Si el otro enlace que mencionas es en la web del autor o alguna página de confianza, si es el tamaño correcto. Es un programa más pesado de lo usual.

Si el tamaño no te permite descargarlo o tienes algún otro problema me avisas.

Saludos

Smplemente no me abre y si le doy boton derecho abrir en nueva pestaña, la cierra al instante. El otro link es este Download Dr.Web CureIt! free of charge me lo mandaron por email.

Hola nuevamente,

Bueno eso ya en definitiva es otra señal que hay algo escondido.

Vamos a revisar más a fondo que pueda estar pasando en tu equipo:

:white_check_mark: Revisa el siguiente manual y ejecuta FRST:

Nos traerías los reportes de FRST Frst.txt y Adition.txt.

Saludos

NOTAS IMPORTANTES:

° Evite realizar procedimientos fuera de este tema a partir de este punto.

° NO descargue o instale mas programas mientras terminamos la desinfección.

° No vuelva a ejecutar ningún otro programa antivirus/antimalwares ni FRST hasta que vuelva con una respuesta.

FRST genero 2 TXT FRST.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-06-2021
Ejecutado por Gustavo (administrador) sobre GUSTAVO-PC (30-06-2021 20:54:47)
Ejecutado desde D:\programas
Perfiles cargados: Gustavo
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\No-IP\ducservice.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <3>
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Macrovision Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Opera Software AS -> Opera Software) C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [165120 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) [Archivo no firmado]
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [Opera Browser Assistant] => C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-06-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\MountPoints2: {1af57f9f-3200-11e3-bbc7-806e6f6e6963} - E:\autorun.exe
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SIDM BS64MonitorB: C:\Windows\system32\EBPMONB.DLL [108032 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\91.0.10364.116\Installer\chrmstp.exe [2021-06-23] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> "C:\Program Files (x86)\AVG\Browser\Application\88.0.7845.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0DC67154-A0D8-4F8B-9481-4ADF77DAABC9} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {10BF08B3-48EA-4FAA-8607-6803CDCB9920} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Gustavo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-30] (ESET, spol. s r.o. -> ESET)
Task: {2295DF1A-A360-4B01-9F9A-6A0C722D69D9} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500Core -> Ningún archivo <==== ATENCIÓN
Task: {46F80F5F-5B10-4CC6-B3C4-72F485236D10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {4F2A22F7-8EDE-42DA-9AE7-850A883512BF} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001Core -> Ningún archivo <==== ATENCIÓN
Task: {5055FA5D-5230-4B1D-8524-A94657F08C52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5F19C2FB-938C-4AE5-9C09-327E5AD809D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-26] (Google Inc -> Google Inc.)
Task: {66580A9F-BF33-4D09-A872-21F4EF91F8C1} - System32\Tasks\Opera scheduled suite Autoupdate 1508785205 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-17] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=suite --component-path="C:\Users\Gustavo\AppData\Local\Programs\Opera\suite" $(Arg0)
Task: {6F1F0225-8496-4FA5-B2AD-2D162BABCFAA} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {7C8E4A4F-FEE7-4C29-852E-4BAC3E1EB152} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2280784 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {95C4B004-4408-4F6D-BE50-71299B50C6B3} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4734208 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {9A671862-2554-43C6-99EE-BF8B387B8950} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2280784 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {AE5AE52E-09CE-4204-A739-FB9AAEB4E8FD} - System32\Tasks\{9C93AF72-0977-4A90-BC60-7467C44AAA9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\IMAPSize\unins000.exe"
Task: {BD25B0CA-98E5-4D09-A43E-F1B2BA7F1D36} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-05-03] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C614F6E8-9DF2-4647-80FD-97EECF0969A9} - System32\Tasks\Opera scheduled Autoupdate 1508785204 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-17] (Opera Software AS -> Opera Software)
Task: {D5F66E0B-BA76-4554-BF79-0E9ABB4B5B92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {D9AD8F42-A26B-460B-B50E-CFFBFF7DD2D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DC7AD484-1DF1-477A-88C7-842AD885B193} - System32\Tasks\Opera scheduled assistant Autoupdate 1547498651 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-17] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DE8721BF-3390-4157-AEAC-BB6A493CC24C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DFB2F4B2-1405-4872-988F-6DACC90D83C8} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Gustavo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-30] (ESET, spol. s r.o. -> ESET)
Task: {E3D29CD6-B649-48F0-9E49-21DCFA6E2ADE} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001UA -> Ningún archivo <==== ATENCIÓN
Task: {F036930D-9731-45A3-9EA6-9C4F0E97CB3B} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F7E96E68-5B68-4166-875A-A4217BECC2C1} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500UA -> Ningún archivo <==== ATENCIÓN
Task: {FD76069D-BE99-4C60-AC3C-84A280853A6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-26] (Google Inc -> Google Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-1001Core.job => C:\Users\Cotutiu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-1001UA.job => C:\Users\Cotutiu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-500Core.job => C:\Users\Administrador\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-500UA.job => C:\Users\Administrador\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{15CF4B7E-FF5F-405F-B2DD-5CC5614AB670}: [DhcpNameServer] 186.130.128.250 186.130.129.250

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-09-01] [Heredado] [no firmado]
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll [2020-01-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\190.7.0\\npsitesafety.dll [Ningún archivo]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default [2021-06-30]
CHR Notifications: Default -> hxxps://emby.media; hxxps://plarium.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.prestashop.com
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR NewTab: Default ->  Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html", Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Extension: (Presentaciones) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (SEOquake) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2021-05-04]
CHR Extension: (Documentos) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Google Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-17]
CHR Extension: (Hojas de cálculo) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Cloud SWF Player with Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2018-02-26]
CHR Extension: (Complemento inhabilitación Google Analytics) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2018-02-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Uber) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijapfmjjfpakmbadajegooepglckjbg [2019-04-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-30]
CHR Extension: (Twitter) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2021-05-27]
CHR Extension: (Speed ​​Dial 2 Nueva pestaña) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (E-Installer) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knppogfjionnodifcoikfbmdcikecidm [2020-04-10]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-11-21]
CHR Extension: (Instagram) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2020-04-24]
CHR Extension: (PowerPoint Online) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2018-02-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
StartMenuInternet: Google Chrome.74FZJMUFTFTCEMJKTNDYEBUSQE - C:\Users\Administrador\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.HBYKIT5IEALIZ5YZBCEU7LYEK4 - C:\Users\Cotutiu\AppData\Local\Google\Chrome\Application\chrome.exe

Opera: 
=======
OPR Profile: C:\Users\Gustavo\AppData\Roaming\Opera Software\Opera Stable [2021-06-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Gustavo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-29]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-04-07] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [623800 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [354048 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [7936056 2021-03-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\91.0.10364.116\elevation_service.exe [1421328 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-12-09] (Microsoft Corporation -> Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Archivo no firmado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [35792 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [208688 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [365592 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250392 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99376 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41416 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [178000 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [524544 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2020-06-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107920 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83496 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [850248 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [466808 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [216488 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [327104 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation -> Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation -> Intel Corporation)
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [14336 2011-07-20] (secr9tos) [Archivo no firmado]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-03-13] (CyberLink -> CyberLink Corp.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-30 20:52 - 2021-06-30 20:54 - 000000000 ____D C:\FRST
2021-06-30 17:48 - 2021-06-30 17:48 - 000003774 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-30 17:48 - 2021-06-30 17:48 - 000003334 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-06-30 15:58 - 2021-06-30 15:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\ESET
2021-06-30 13:13 - 2021-06-30 13:26 - 000000000 ____D C:\Users\Gustavo\AppData\LocalLow\IGDump
2021-06-30 13:11 - 2021-06-30 13:11 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-06-30 13:11 - 2021-06-30 13:11 - 000001967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-30 13:11 - 2021-06-30 13:11 - 000001955 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-30 13:11 - 2021-06-30 13:11 - 000000000 ____D C:\Users\Gustavo\AppData\Local\mbam
2021-06-30 13:10 - 2021-06-30 13:10 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-06-30 13:10 - 2021-06-30 13:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-30 13:10 - 2021-06-30 13:10 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-29 20:08 - 2021-06-30 20:56 - 015990784 _____ C:\Windows\system32\config\SYSTEM
2021-06-29 19:09 - 2021-06-29 19:09 - 000003094 _____ C:\Windows\system32\Tasks\{9C93AF72-0977-4A90-BC60-7467C44AAA9E}
2021-06-29 17:53 - 2021-06-29 17:54 - 000000000 ____D C:\AdwCleaner
2021-06-29 13:08 - 2021-03-26 17:40 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-06-29 12:41 - 2021-06-29 12:41 - 000000324 _____ C:\DelFix.txt
2021-06-29 10:43 - 2021-06-30 13:40 - 015990784 _____ C:\Windows\system32\C_32770.NLS
2021-06-28 15:07 - 2021-06-28 19:36 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Code
2021-06-28 15:07 - 2021-06-28 15:07 - 000000000 ____D C:\Users\Gustavo\.vscode
2021-06-28 12:59 - 2021-06-29 10:46 - 000000000 ___HD C:\Users\Gustavo\AppData\Roaming\WinHost
2021-06-28 11:54 - 2021-06-29 13:06 - 000000000 ____D C:\Program Files\Sublime Text

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-30 18:56 - 2017-09-03 11:56 - 000000000 ____D C:\ProgramData\Avg
2021-06-30 18:10 - 2009-07-14 01:45 - 000013424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-06-30 18:10 - 2009-07-14 01:45 - 000013424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-06-30 18:02 - 2019-06-12 10:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-30 18:01 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-30 16:14 - 2020-02-19 12:16 - 000000000 ____D C:\Users\Gustavo\.openshot_qt
2021-06-30 13:46 - 2020-05-13 13:02 - 000004324 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1547498651
2021-06-30 13:43 - 2017-09-04 12:19 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-06-29 19:14 - 2021-04-05 10:11 - 000000950 _____ C:\Users\Gustavo\Desktop\IMAPSize.lnk
2021-06-29 19:14 - 2021-04-05 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMAPSize
2021-06-29 13:09 - 2017-11-27 14:43 - 000001975 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-06-29 13:07 - 2013-10-10 20:09 - 000000000 ____D C:\Users\Gustavo
2021-06-29 13:06 - 2018-10-18 21:04 - 000000000 ____D C:\xampp2
2021-06-29 13:06 - 2017-10-23 12:55 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\EditPlus
2021-06-29 13:06 - 2011-07-19 20:47 - 000000000 ____D C:\Users\Intel
2021-06-29 13:06 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2021-06-29 12:36 - 2017-09-01 21:43 - 000001456 _____ C:\Users\Gustavo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2021-06-28 19:37 - 2009-07-13 23:34 - 023592960 _____ C:\Windows\system32\config\BCD00000000
2021-06-28 14:14 - 2017-10-23 17:29 - 000000000 ____D C:\Users\Gustavo\AppData\Local\CrashDumps
2021-06-28 11:54 - 2020-04-06 16:53 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Sublime Text 3
2021-06-25 18:53 - 2018-02-17 22:19 - 000000000 ____D C:\BrewMate
2021-06-23 17:41 - 2019-05-26 12:52 - 000003706 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-06-23 17:41 - 2019-05-26 12:52 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2021-06-23 17:41 - 2019-05-26 12:52 - 000002268 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2021-06-22 17:47 - 2018-10-23 20:38 - 000000000 ____D C:\Users\Gustavo\AppData\Local\ElevatedDiagnostics
2021-06-22 17:44 - 2017-10-23 16:11 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\FileZilla
2021-06-21 15:42 - 2017-10-23 16:00 - 000004094 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1508785204
2021-06-10 13:49 - 2017-12-19 09:30 - 000002066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-07 11:04 - 2021-04-08 13:16 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-06-07 10:49 - 2020-09-16 10:49 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\AnyDesk
2021-06-05 18:05 - 2020-01-14 11:30 - 000003872 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-06-05 18:05 - 2018-09-16 19:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-06-05 18:05 - 2018-04-12 10:13 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-06-05 18:05 - 2018-02-26 14:07 - 000003470 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-05 18:05 - 2018-02-26 14:07 - 000003342 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-05 18:05 - 2017-10-23 16:00 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled suite Autoupdate 1508785205
2021-06-05 18:05 - 2017-09-04 21:19 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-06-05 18:05 - 2013-10-18 17:16 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-06-05 18:05 - 2012-09-19 10:09 - 000002776 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-06-05 18:05 - 2012-09-18 10:08 - 000003230 _____ C:\Windows\system32\Tasks\SidebarExecute

==================== Archivos en la raíz de algunos directorios ========

2018-10-23 18:46 - 2020-10-08 13:15 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe BMP Format CS6 Prefs
2019-05-07 18:40 - 2019-05-07 18:43 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2018-07-04 20:17 - 2019-01-31 18:53 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-09-26 13:27 - 2018-05-07 15:19 - 000000130 _____ () C:\Users\Gustavo\AppData\Roaming\default.rss
2019-03-27 13:04 - 2019-03-27 17:19 - 000001020 _____ () C:\Users\Gustavo\AppData\Roaming\editplus_u.ini
2017-09-01 21:43 - 2021-06-29 12:36 - 000001456 _____ () C:\Users\Gustavo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2019-09-03 19:18 - 2019-09-03 19:18 - 000003584 _____ () C:\Users\Gustavo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-14 21:06 - 2020-03-14 21:06 - 000007597 _____ () C:\Users\Gustavo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-06-21 16:06
==================== Final de FRST.txt ========================

Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-06-2021
Ejecutado por Gustavo (30-06-2021 20:56:42)
Ejecutado desde D:\programas
Windows 7 Ultimate Service Pack 1 (X64) (2013-10-10 23:09:21)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1130279614-888213052-4176818564-500 - Administrator - Disabled)
Gustavo (S-1-5-21-1130279614-888213052-4176818564-1003 - Administrator - Enabled) => C:\Users\Gustavo
Invitado (S-1-5-21-1130279614-888213052-4176818564-501 - Limited - Enabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Android Studio (HKLM\...\Android Studio) (Version: 3.5 - Google LLC)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
Archivos auxiliares de instalación de Microsoft SQL Server (español) (HKLM-x32\...\{44FEB532-0908-4A87-BC22-32F0960717EC}) (Version: 9.00.1399.06 - Microsoft Corporation)
Archivos auxiliares de instalación de Microsoft SQL Server 2008 (HKLM\...\{773C7652-85B8-4335-9C78-1113CDBD73DA}) (Version: 10.1.2731.0 - Microsoft Corporation)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.2.3170 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 91.0.10364.116 - Los creadores de AVG Secure Browser)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.150.11.1001 - BlueStack Systems, Inc.)
Brewer's Friend for Windows - 1  (HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\0de9c566bc46cc30) (Version: 1.0.0.42 - Brewer's Friend)
BrewMate (HKLM\...\BrewMate_is1) (Version:  - BrewMate)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\_{52166132-E642-447F-9785-F9133563CE59}) (Version: 17.6.0.1021 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{52166132-E642-447F-9785-F9133563CE59}) (Version: 17.6.1021 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{909C0E2F-44AB-46A4-AE04-8FFCCDEECCFC}) (Version: 17.6.1021 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
CorelDRAW Graphics Suite X7 - IPM (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.6 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.6.0.1021 - Corel Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.15 - Piriform)
Desinstalador de impresora EPSON LX-350 ESC/P (HKLM\...\EPSON LX-350 ESC/P) (Version:  - SEIKO EPSON Corporation)
EditPlus (64 bit) (HKLM\...\EditPlus) (Version:  - ES-Computing)
Emby Server (HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Emby Server) (Version: 4.5 - Emby Team)
ES (HKLM-x32\...\{CBFAD664-763E-4A7D-BF92-BB0E493F3C66}) (Version: 13.0 - Corel Corporation) Hidden
FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
FontNav (HKLM-x32\...\{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}) (Version: 5.0 - Corel Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.165 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 7.4.0.0 - Google LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Herramientas de Microsoft SQL Server 2005 Express Edition (HKLM-x32\...\{9ECA16A2-595E-4D9C-A0C4-FE6DB9598E84}) (Version: 9.00.1399.06 - Microsoft Corporation) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java(TM) 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java(TM) SE Development Kit 13.0.1 (64-bit) (HKLM\...\{02E6B6AF-D69D-5191-9D34-7E11D4AC952C}) (Version: 13.0.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Marco trabajo apl. capa datos de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{B65527FD-47DD-4A07-9E07-64DA91B0A34A}) (Version: 10.50.1447.4 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - ESN (HKLM-x32\...\{B0DF0057-EF87-471D-A80A-DC1F0463BA19}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - ESN (HKLM-x32\...\{4F19E81D-168E-4E0B-A4B7-AA246FBE3FBB}) (Version: 2.0.50414.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Device Emulator, versión 1.0 - ESN (HKLM-x32\...\{4989F660-D303-4E1E-B280-773FBAF5FCF9}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (Spanish) (HKLM-x32\...\{90120000-00D1-0C0A-0000-0000000FF1CE}) (Version: 12.0.4518.1049 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Hotmail Connector de 64 bits (HKLM\...\{95140000-007A-0C0A-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (HKLM\...\{95140000-007D-0409-1000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Español (HKLM-x32\...\{8D8C5BD0-7FC7-4680-B527-218F63920E03}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ESN] Developer Tools (HKLM-x32\...\{DD855DBE-BF8C-4E38-A1C9-F3259CCF50B6}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{10E05081-646C-4130-A166-83283A3A0A45}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{1978F87B-AD4A-48B4-96A3-2B596F844240}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{F188B6ED-4537-4CAC-A4DE-3BD30E6114C6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{6C239446-F196-44DC-9148-8D912895D097}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{2A78694E-ACFE-4D5A-9B0F-C0EBEFA3F280}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ESN (HKLM\...\{24965A31-311D-462D-BAA8-B482ABA115D8}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{6A271126-9DCA-4013-97F7-3C11E5CA0BA6}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{46878B08-238C-4F28-9194-9D8604A7F52E}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{CD9B2BA6-F699-4700-81B9-CD28C0BC693C}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DE63A8FE-80A6-4CA3-ACEA-F954B6370596}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) es (HKLM\...\{2D6232BE-CDB4-4EE7-AFCB-1541E12041E9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 es (HKLM-x32\...\{EF948EA2-FA97-4312-BA36-88D76048CCE8}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) es (HKLM\...\{C69733F2-4140-440F-938E-2D47C6CB1C70}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) es (HKLM\...\{1C3998E1-8501-455C-B829-5031520EBC94}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{61B42D05-EBFA-3896-A267-B71CD3025BC5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ESN (HKLM\...\{747566F9-44D9-46D4-BE8C-9954AF556BAB}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional - ESN (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - ESN) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ESN (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ESN) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{817C2DCF-4DD7-3C32-8A8E-7CEFF137E543}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - ESN Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - ESN Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Modelo de objetos de Microsoft Team Foundation Server 2010 - ESN (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ESN) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MySQL-Front (HKLM-x32\...\MySQL-Front_is1) (Version: 6.0 - )
Nero 9 (HKLM-x32\...\{32b279ef-a3cb-4bc2-a902-fcc166aa0d1e}) (Version:  - Nero AG)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Objetos de administración de Microsoft SQL Server 2008 R2 (HKLM-x32\...\{6438BDAD-CE12-4D38-B1C4-42F94F08408F}) (Version: 10.50.1447.4 - Microsoft Corporation)
Objetos de administración de Microsoft SQL Server 2008 R2 (x64) (HKLM\...\{2040D407-91F5-48F3-9A81-B084573D0577}) (Version: 10.50.1447.4 - Microsoft Corporation)
OpenShot Video Editor versión 2.4.4 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.4 - OpenShot Studios, LLC)
Opera Stable 77.0.4054.90 (HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Opera 77.0.4054.90) (Version: 77.0.4054.90 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (HKLM\...\Microsoft .NET Framework 4 Extended ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Document Explorer 2005 - Español (HKLM-x32\...\Microsoft Document Explorer 2005 Language Pack - ESN) (Version:  - Microsoft Corporation)
Paquete de idioma de Microsoft Visual F# 2.0 Runtime - ESN (HKLM-x32\...\{7CCA8BD3-005C-3195-806B-501E6D3D242B}) (Version: 10.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft Visual J# 2.0 Redistributable - ESN (HKLM-x32\...\Paquete de idioma de Microsoft Visual J# 2.0 Redistributable - ESN) (Version:  - Microsoft Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Paquete de idioma del Visor de Ayuda de Microsoft 3.0 - ESN (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - ESN) (Version: 1.0.30319 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Presupuesto Corralon (HKLM-x32\...\{792D7A62-519E-463B-AE2C-A01E97CCAA4F}) (Version: 1.0.0 - Webmaster en Merlo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Service Pack 1 para SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Update Manager (HKLM-x32\...\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}) (Version: 4.60 - Corel Corporation) Hidden
VBA (HKLM-x32\...\{C94E45B0-6AA6-4FB9-9AAE-22085F631880}) (Version: 6.2 - Corel Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{95480F46-25D7-31D1-ACD2-D8722B133A0C}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ESN (HKLM-x32\...\{CF72A524-84BD-4AB7-B3C6-2C358672CD15}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinZip (HKLM-x32\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.11-0 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-19] (Nero AG -> Nero AG)
ContextMenuHandlers1: [EditPlus] -> {36D94110-787C-4828-9C1B-0DAFEBC36069} => C:\Program Files\EditPlus\eppshell64.dll [2018-03-12] (ES-Computing -> )
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2002-05-14] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2002-05-14] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2002-05-14] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Uber.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gijapfmjjfpakmbadajegooepglckjbg

==================== Módulos cargados (Lista blanca) =============

2015-07-20 12:34 - 2015-07-20 12:34 - 000073728 _____ () [Archivo no firmado] C:\Program Files (x86)\No-IP\ducapi.dll
2012-09-18 09:53 - 2012-01-26 14:38 - 000073728 ____R (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\ucrtbase.DLL
2020-07-10 13:26 - 2020-07-10 13:26 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\AVG\Antivirus\3082\avg.local_vc142.crt\VCRUNTIME140.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Versión 9) (Lista blanca) ==========

HKU\S-1-5-21-1130279614-888213052-4176818564-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.ar/
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1130279614-888213052-4176818564-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2020-01-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2020-01-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll => Ningún archivo
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll Ningún archivo
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [Archivo no firmado]

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2021-02-23 10:52 - 000000847 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\DMIX;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\;C:\xampp2\php;C:\composer
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{30DB10F6-611C-4570-85A8-908B6A3C62D2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9987AD93-914D-4A98-B2A2-B1E9F0C6F30C}] => (Allow) LPort=2869
FirewallRules: [{87006AEC-B0A4-45C4-84A3-A2AA497018B5}] => (Allow) LPort=1900
FirewallRules: [{FDE090A5-0EF4-4059-9B7E-11D291CEDBEB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59615180-45E7-4ADD-9A5D-599A0D2DFD0E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEE4F48A-0094-47F0-B185-591DB4910A03}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{CF63A92D-8111-4302-B279-2E5B672A7087}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe => Ningún archivo
FirewallRules: [{2929E95D-9B23-4A73-A197-E1120EB5768F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe => Ningún archivo
FirewallRules: [TCP Query User{EB4B969F-3CA8-410A-8516-999EB101D9AB}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Ningún archivo
FirewallRules: [UDP Query User{3C6578BC-047F-4765-BF55-0551DBA5E8C1}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Ningún archivo
FirewallRules: [TCP Query User{051B2F52-0F52-4D67-9800-C65FD45E4CDA}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [UDP Query User{01864010-10CE-44E3-BDD5-47D2919F404A}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [{32C7EBD3-7405-4725-AD57-53E849A79A34}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{932EBEC1-CC4A-488E-8853-EF8AC8963DEA}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{EF79AFF9-C1F1-4618-AFE4-058E2FA68C79}] => (Allow) LPort=7935
FirewallRules: [{D7FA2483-BE0C-405B-B0D1-4E957881FC1B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{1A26FFBD-0F28-4571-81E2-429327EF3494}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [TCP Query User{5BE97EEA-0F42-4D57-904A-777AB2B92B86}C:\users\gustavo\appdata\local\temp\keygen.exe] => (Allow) C:\users\gustavo\appdata\local\temp\keygen.exe => Ningún archivo
FirewallRules: [UDP Query User{C92C1E93-87E8-4F4C-8A00-7A467210026B}C:\users\gustavo\appdata\local\temp\keygen.exe] => (Allow) C:\users\gustavo\appdata\local\temp\keygen.exe => Ningún archivo
FirewallRules: [{CEDE3DE6-3D41-4901-963F-5DDBA21E08D7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86511C68-4848-4E60-8D31-5B08772E8B2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [{E4B7674E-A830-4EAC-ACFD-28532892F1E9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [TCP Query User{0F8C26B6-DF30-47F3-8983-F7E962BDF229}F:\xampp\mysql\bin\mysqld.exe] => (Allow) F:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [UDP Query User{8788E911-1D48-484D-A5D3-45377EAEB6A2}F:\xampp\mysql\bin\mysqld.exe] => (Allow) F:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [TCP Query User{C0D9A36F-F870-4C20-AB7D-5A6A22666BCA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{5762EA68-78A9-4F7C-B7EC-C7EFDEBD0ABD}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [{1B153502-A4AF-47E4-AF03-EAF7CB63E1C5}] => (Block) C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\CorelDRW.exe (Corel Corporation) [Archivo no firmado]
FirewallRules: [{6CFCB75F-12A6-4942-A36E-F7B68868CD3B}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDRW.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{8D2F2D05-23B7-4F90-91E7-9D7E8514EEB8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F861865D-7558-4658-9841-670847DCC32D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{43C7D0DE-2005-4329-9E61-C274EAE33E8C}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{D58DC6EE-7616-40F9-B2C6-D5492B8F0AEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{808A0B15-B999-4371-891D-51855EB9870F}C:\xampp2\apache\bin\httpd.exe] => (Allow) C:\xampp2\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{0A03749C-4964-47C0-8448-2B504CB52016}C:\xampp2\apache\bin\httpd.exe] => (Allow) C:\xampp2\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [TCP Query User{24362D59-FACB-4869-8EA5-8A91C95BFF9E}C:\xampp2\mysql\bin\mysqld.exe] => (Allow) C:\xampp2\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{AC806CFF-38B3-4BFB-9B52-6F840CC7317E}C:\xampp2\mysql\bin\mysqld.exe] => (Allow) C:\xampp2\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{01330316-FE18-482A-831F-D3D6FAA701B6}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{C7634CA3-1D32-46D4-A545-459ADBFDEBD5}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{765DCEB9-7D01-4655-9D43-6E2006C2EA7A}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{2A6DD8FC-E52C-45AC-9982-81BBC019161B}C:\Program Files\openshot video editor\launch.exe] => (Allow) C:\Program Files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{750ED492-90D2-4C61-9272-4D4F450B8291}C:\Program Files\openshot video editor\launch.exe] => (Allow) C:\Program Files\openshot video editor\launch.exe () [Archivo no firmado]
FirewallRules: [{6AFF4C58-3D82-4FBC-B411-9DB2ACF36155}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9A75C00A-843A-4A51-BD7C-916B30A7BF1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{86A9C653-C7B2-4807-9C3E-F095C9B42010}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8B3E4FFE-99B4-47B5-8302-1002FF168233}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{840898D9-B8CA-4157-AE1F-ED4CFD990A4E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{A8C2229D-EDD2-46BF-9C31-39CBF6FE007B}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{D6AA560F-9A98-4F45-8CED-FC656AA97750}C:\xampp2\apache\bin\httpd.exe] => (Allow) C:\xampp2\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{82E22557-0ED5-4A4A-B46A-13BDED731987}C:\xampp2\apache\bin\httpd.exe] => (Allow) C:\xampp2\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [{EAD6730A-9C5C-45E2-B6C2-374E5C47FF42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{258FC70C-0B61-425F-BF17-8CF844D5EADB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D10F76A9-7515-44DF-9A5D-6280766808D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C7E84C22-D74F-4E02-8FD4-DE731FC01E0C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{4032CB5F-5ECD-4DE3-9933-0B3E9409A199}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{FB197CD0-9FC9-477A-ACA3-4F91F8046D1A}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado]
FirewallRules: [TCP Query User{05BCD99A-2E0E-419F-9E73-97CCBCF8B612}C:\xampp2\mercurymail\mercury.exe] => (Block) C:\xampp2\mercurymail\mercury.exe (David Harris) [Archivo no firmado]
FirewallRules: [UDP Query User{7F1580E4-28EE-4C3B-85FE-3ABABBAF6DA7}C:\xampp2\mercurymail\mercury.exe] => (Block) C:\xampp2\mercurymail\mercury.exe (David Harris) [Archivo no firmado]
FirewallRules: [TCP Query User{63AF217C-5B33-4B6D-9D99-40FA39ED8818}C:\program files (x86)\vibe streamer\vibestreamer.exe] => (Allow) C:\program files (x86)\vibe streamer\vibestreamer.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{13EE0E80-8448-43D5-B289-8E834EC4245D}C:\program files (x86)\vibe streamer\vibestreamer.exe] => (Allow) C:\program files (x86)\vibe streamer\vibestreamer.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{15F4E293-2D5B-4B96-ACFF-AEC0814014A0}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{529C1EE3-78B8-411E-AA84-D3F8496A5433}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{E6F0D871-4C3E-41C1-8383-582D70EE5DEA}D:\users\gustavo\documents\mis webs\streaming\anydesk.exe] => (Allow) D:\users\gustavo\documents\mis webs\streaming\anydesk.exe => Ningún archivo
FirewallRules: [UDP Query User{05509635-82BC-42E7-AC37-D793F5234DD1}D:\users\gustavo\documents\mis webs\streaming\anydesk.exe] => (Allow) D:\users\gustavo\documents\mis webs\streaming\anydesk.exe => Ningún archivo
FirewallRules: [TCP Query User{17513F99-A145-4913-ABF9-842E4CD65FAC}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{72B41922-FE64-48E1-967A-255E233D2686}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{589386E4-C87D-49AB-91D0-DF8958B2908E}D:\users\gustavo\documents\mis webs\streaming\nginx-1.9.9\nginx.exe] => (Allow) D:\users\gustavo\documents\mis webs\streaming\nginx-1.9.9\nginx.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{238663D2-6D3F-4D37-B867-A32D170F7593}D:\users\gustavo\documents\mis webs\streaming\nginx-1.9.9\nginx.exe] => (Allow) D:\users\gustavo\documents\mis webs\streaming\nginx-1.9.9\nginx.exe () [Archivo no firmado]
FirewallRules: [{C3C56659-440D-4379-8955-E3068D37AA6C}] => (Allow) LPort=7359
FirewallRules: [{F2A958BA-8845-47A0-AE0B-37B0CA3D7412}] => (Allow) LPort=8096
FirewallRules: [{FB21F478-29CE-4157-9A77-808DBC487D65}] => (Allow) LPort=8920
FirewallRules: [{676C7321-BF9B-49F0-A33F-73034E673EE1}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{A8393AC9-A3C0-488B-886B-4EBBB0459287}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{E59BC475-A12F-4CD1-8761-C34F0E9725FE}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{A3C0149D-C80A-451D-BC95-A2605F5D9546}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [TCP Query User{28512E7C-5511-4AAB-A478-E8A92ABFE2F2}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Archivo no firmado]
FirewallRules: [UDP Query User{09F49D52-D497-48EC-A8E1-8596E917882D}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Archivo no firmado]
FirewallRules: [TCP Query User{4C2997A3-E7EB-4CF8-8F0C-8C982981C2CD}C:\xampp2\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp2\filezillaftp\filezillaserver.exe (FileZilla Project) [Archivo no firmado]
FirewallRules: [UDP Query User{2DD80504-3AA4-46C3-BB06-74068051C9BA}C:\xampp2\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp2\filezillaftp\filezillaserver.exe (FileZilla Project) [Archivo no firmado]
FirewallRules: [{0D143542-46D8-4085-A9BA-3DBAABEB6261}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{17F53C3F-9AB9-4F21-8D93-4E7E35DD6B05}D:\programas\anydesk.exe] => (Allow) D:\programas\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{9348BC6C-302B-4462-9A51-9289C0F2586C}D:\programas\anydesk.exe] => (Allow) D:\programas\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{0C7096F8-7C0E-4CD8-BE7A-149E45197A64}D:\users\gustavo\desktop\anydesk.exe] => (Allow) D:\users\gustavo\desktop\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{B7C7E32A-65D2-4357-8050-6EE780E33A47}D:\users\gustavo\desktop\anydesk.exe] => (Allow) D:\users\gustavo\desktop\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{1DD41DA0-BA26-4D02-B3DD-B04F9D0B23E9}] => (Allow) C:\Users\Gustavo\AppData\Local\Programs\Opera\76.0.4017.177\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{51AF2E45-F6C9-4E91-BB35-2D5556449BB6}] => (Allow) C:\Users\Gustavo\AppData\Local\Programs\Opera\77.0.4054.90\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{854098FF-0E60-4010-BABF-725F5D108F42}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{3BC6D94C-3BDF-458D-8E44-597F5592B570}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{92F4BF69-BDD1-46A1-BEB8-3F9DD0B3B469}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{23D6E716-5929-4DD1-A4B2-78C04D1E7904}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{37D436C4-36FB-4DD2-B0E6-870AAA23B217}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{34E11FDC-884E-425B-8E63-5B21A0BB849E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{329E9D61-7004-4B5E-B6C0-928B830E1FE4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{7A9B38EB-AADD-4788-A9F8-C1F73912937E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Puntos de Restauración =========================

26-06-2021 16:11:09 Punto de control programado
29-06-2021 13:01:57 Operación de restauración
29-06-2021 17:54:43 AdwCleaner_BeforeCleaning_29/06/2021_17:54:42

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/30/2021 08:52:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/30/2021 08:52:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.


Errores del sistema:
=============
Error: (06/30/2021 08:53:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 08:53:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 08:53:51 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 08:52:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 08:52:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 08:52:10 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (06/30/2021 06:55:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (06/30/2021 06:55:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 0502 02/04/2013
Placa base: ASUSTeK COMPUTER INC. H61M-E
Procesador: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Porcentaje de memoria en uso: 57%
RAM física total: 7879.95 MB
RAM física disponible: 3349.54 MB
Virtual total: 15758.04 MB
Virtual disponible: 11328.43 MB

==================== Unidades ================================

Drive c: (Sistema) (Fixed) (Total:195.31 GB) (Free:86.41 GB) NTFS
Drive d: (Backup) (Fixed) (Total:736.1 GB) (Free:574.28 GB) NTFS
Drive e: (X16-49332VS2010UltimTrialESN) (CDROM) (Total:2.46 GB) (Free:0 GB) UDF
Drive f: (GUSTAVO02) (Removable) (Total:0.23 GB) (Free:0.23 GB) FAT32

\\?\Volume{1af57f9a-3200-11e3-bbc7-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6708A456)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (Size: 244 MB) (Disk ID: 8E9EA48F)
Partition 1: (Active) - (Size=244 MB) - (Type=0B)

==================== Final de Addition.txt =======================

Hola nuevamente.

Corta FRST desde donde lo ejecutaste:

Ejecutado desde D:\programas

Y pegalo en el en el Escritorio :+1:

Con esto arreglado realiza lo siguiente:

:one: Crea una copia de seguridad del registro con Registry Backup, no importa si es la versión portable o instalable:

Tweaking Registry Backup

  • Después de instalar o descomprimir ejecuta el programa (de ser portable es el ejecutable TweakingRegistryBackup.exe).
  • Asegurate que en la pestaña Registry Backup este todo moarcado.
  • En Backup Name puedes dejarlo por defecto o asignar algún nombre
  • Presiona el botón BackUp now

:two: Deshabilita nuevamente tu antivirus: ¿Cómo deshabilitar temporalmente su Antivirus?

:three: En el equipo, con los demás programas cerrados abra el notepad; puede abrirlo en la barra de búsqueda de windows y escribiendo notepad.exe

Posteriormente, copie y pegue este script de reparación dentro del Notepad comenzando en Start y terminando en End:

Start
SystemRestore: On
CreateRestorePoint:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\MountPoints2: {1af57f9f-3200-11e3-bbc7-806e6f6e6963} - E:\autorun.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {2295DF1A-A360-4B01-9F9A-6A0C722D69D9} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500Core -> Ningún archivo <==== ATENCIÓN
Task: {4F2A22F7-8EDE-42DA-9AE7-850A883512BF} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001Core -> Ningún archivo <==== ATENCIÓN
Task: {E3D29CD6-B649-48F0-9E49-21DCFA6E2ADE} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001UA -> Ningún archivo <==== ATENCIÓN
Task: {F7E96E68-5B68-4166-875A-A4217BECC2C1} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500UA -> Ningún archivo <==== ATENCIÓN
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\190.7.0\\npsitesafety.dll [Ningún archivo]
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
SearchScopes: HKU\S-1-5-21-1130279614-888213052-4176818564-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll => Ningún archivo
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\19.7.0.632\AVG Secure Search_toolbar.dll Ningún archivo
FirewallRules: [{9987AD93-914D-4A98-B2A2-B1E9F0C6F30C}] => (Allow) LPort=2869
FirewallRules: [{87006AEC-B0A4-45C4-84A3-A2AA497018B5}] => (Allow) LPort=1900
FirewallRules: [{CF63A92D-8111-4302-B279-2E5B672A7087}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe => Ningún archivo
FirewallRules: [{2929E95D-9B23-4A73-A197-E1120EB5768F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe => Ningún archivo
FirewallRules: [TCP Query User{EB4B969F-3CA8-410A-8516-999EB101D9AB}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Ningún archivo
FirewallRules: [UDP Query User{3C6578BC-047F-4765-BF55-0551DBA5E8C1}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Ningún archivo
FirewallRules: [TCP Query User{051B2F52-0F52-4D67-9800-C65FD45E4CDA}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [UDP Query User{01864010-10CE-44E3-BDD5-47D2919F404A}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [{EF79AFF9-C1F1-4618-AFE4-058E2FA68C79}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{5BE97EEA-0F42-4D57-904A-777AB2B92B86}C:\users\gustavo\appdata\local\temp\keygen.exe] => (Allow) C:\users\gustavo\appdata\local\temp\keygen.exe => Ningún archivo
FirewallRules: [UDP Query User{C92C1E93-87E8-4F4C-8A00-7A467210026B}C:\users\gustavo\appdata\local\temp\keygen.exe] => (Allow) C:\users\gustavo\appdata\local\temp\keygen.exe => Ningún archivo
FirewallRules: [{86511C68-4848-4E60-8D31-5B08772E8B2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [{E4B7674E-A830-4EAC-ACFD-28532892F1E9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [{86511C68-4848-4E60-8D31-5B08772E8B2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [{E4B7674E-A830-4EAC-ACFD-28532892F1E9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => Ningún archivo
FirewallRules: [TCP Query User{0F8C26B6-DF30-47F3-8983-F7E962BDF229}F:\xampp\mysql\bin\mysqld.exe] => (Allow) F:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [UDP Query User{8788E911-1D48-484D-A5D3-45377EAEB6A2}F:\xampp\mysql\bin\mysqld.exe] => (Allow) F:\xampp\mysql\bin\mysqld.exe => Ningún archivo
FirewallRules: [{C3C56659-440D-4379-8955-E3068D37AA6C}] => (Allow) LPort=7359
FirewallRules: [{F2A958BA-8845-47A0-AE0B-37B0CA3D7412}] => (Allow) LPort=8096
FirewallRules: [{FB21F478-29CE-4157-9A77-808DBC487D65}] => (Allow) LPort=8920
FirewallRules: [{676C7321-BF9B-49F0-A33F-73034E673EE1}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{A8393AC9-A3C0-488B-886B-4EBBB0459287}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{E59BC475-A12F-4CD1-8761-C34F0E9725FE}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{A3C0149D-C80A-451D-BC95-A2605F5D9546}] => (Allow) C:\Users\Gustavo\AppData\Roaming\Emby-Server\system\EmbyServer.dll => Ningún archivo
FirewallRules: [{0D143542-46D8-4085-A9BA-3DBAABEB6261}] => (Allow) LPort=3306
CMD: certutil -urlcache * delete
C:\WINDOWS\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*
C:\WINDOWS\ServiceProfiles\LocalService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*
C:\WINDOWS\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*
C:\WINDOWS\ServiceProfiles\NetworkService\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*
C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*
C:\WINDOWS\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*

CMD: ipconfig /flushdns
CMD: ipconfig /renew
POWERSHELL: Get-BitsTransfer -AllUsers | Remove-BitsTransfer
EmptyTemp:
Hosts:
End
  • Vaya a Archivo y selecciona Guardar Como.
  • Guardelo bajo el nombre de fixlist.txt en el escritorio al igual que FRST. Esto es muy importante.

:warning: El anterior Script de reparación fue hecho específicamente por un miembro del Staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños a su equipo

  • Ejecute Frst.exe. y presione el botón Fix / Corregir
  • Espere pacientemente a que termine y no use el equipo. Al terminar el equipo podría reiniciarse
  • La Herramienta guardara el reporte en su escritorio (Fixlog.txt).

:four: Desinstala los siguientes programas. Puedes ocupar el panel de control, RevoUninstaller o lo que prefieras:

  • bl (Version: 1.0.0 - Your Company Name)
  • ph (Version: 1.0.0 - Your Company Name)

Si no ocupas algún programa de procedencia ruso puedes desinstalar también estas librerías:

  • Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS
  • Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS

Al terminar nos traerías el reporte de fixlog, y nos comentarías como te fue.

Saludos

No puedo guardar el archivo fixlist.txt, me dice que tiene caracteres no ANSI

Lo guardé como UTF-8 y funcionó

El archivo frst.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-06-2021
Ejecutado por Gustavo (administrador) sobre GUSTAVO-PC (01-07-2021 10:43:10)
Ejecutado desde D:\Users\Gustavo\Desktop
Perfiles cargados: Gustavo
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\No-IP\ducservice.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <3>
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Macrovision Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Opera Software AS -> Opera Software) C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [165120 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) [Archivo no firmado]
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\Run: [Opera Browser Assistant] => C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-06-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1130279614-888213052-4176818564-1003\...\MountPoints2: {1af57f9f-3200-11e3-bbc7-806e6f6e6963} - E:\autorun.exe
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON SIDM BS64MonitorB: C:\Windows\system32\EBPMONB.DLL [108032 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\91.0.10364.116\Installer\chrmstp.exe [2021-06-23] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-06-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> "C:\Program Files (x86)\AVG\Browser\Application\88.0.7845.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0DC67154-A0D8-4F8B-9481-4ADF77DAABC9} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {10BF08B3-48EA-4FAA-8607-6803CDCB9920} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Gustavo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-30] (ESET, spol. s r.o. -> ESET)
Task: {2295DF1A-A360-4B01-9F9A-6A0C722D69D9} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500Core -> Ningún archivo <==== ATENCIÓN
Task: {46F80F5F-5B10-4CC6-B3C4-72F485236D10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {4F2A22F7-8EDE-42DA-9AE7-850A883512BF} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001Core -> Ningún archivo <==== ATENCIÓN
Task: {5055FA5D-5230-4B1D-8524-A94657F08C52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5F19C2FB-938C-4AE5-9C09-327E5AD809D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-26] (Google Inc -> Google Inc.)
Task: {66580A9F-BF33-4D09-A872-21F4EF91F8C1} - System32\Tasks\Opera scheduled suite Autoupdate 1508785205 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=suite --component-path="C:\Users\Gustavo\AppData\Local\Programs\Opera\suite" $(Arg0)
Task: {6F1F0225-8496-4FA5-B2AD-2D162BABCFAA} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {7C8E4A4F-FEE7-4C29-852E-4BAC3E1EB152} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2280784 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {95C4B004-4408-4F6D-BE50-71299B50C6B3} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4734208 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {9A671862-2554-43C6-99EE-BF8B387B8950} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2280784 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {AE5AE52E-09CE-4204-A739-FB9AAEB4E8FD} - System32\Tasks\{9C93AF72-0977-4A90-BC60-7467C44AAA9E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\IMAPSize\unins000.exe"
Task: {BD25B0CA-98E5-4D09-A43E-F1B2BA7F1D36} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-05-03] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C75BD10C-1280-44A8-9B56-47AC3F4145FF} - System32\Tasks\Opera scheduled Autoupdate 1508785204 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-29] (Opera Software AS -> Opera Software)
Task: {D5F66E0B-BA76-4554-BF79-0E9ABB4B5B92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {D9AD8F42-A26B-460B-B50E-CFFBFF7DD2D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DC7AD484-1DF1-477A-88C7-842AD885B193} - System32\Tasks\Opera scheduled assistant Autoupdate 1547498651 => C:\Users\Gustavo\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Gustavo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {DE8721BF-3390-4157-AEAC-BB6A493CC24C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {DFB2F4B2-1405-4872-988F-6DACC90D83C8} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Gustavo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-30] (ESET, spol. s r.o. -> ESET)
Task: {E3D29CD6-B649-48F0-9E49-21DCFA6E2ADE} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-1001UA -> Ningún archivo <==== ATENCIÓN
Task: {F036930D-9731-45A3-9EA6-9C4F0E97CB3B} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {F7E96E68-5B68-4166-875A-A4217BECC2C1} - \GoogleUpdateTaskUserS-1-5-21-1130279614-888213052-4176818564-500UA -> Ningún archivo <==== ATENCIÓN
Task: {FD76069D-BE99-4C60-AC3C-84A280853A6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-26] (Google Inc -> Google Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-1001Core.job => C:\Users\Cotutiu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-1001UA.job => C:\Users\Cotutiu\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-500Core.job => C:\Users\Administrador\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3681723944-2444490198-2466880494-500UA.job => C:\Users\Administrador\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{15CF4B7E-FF5F-405F-B2DD-5CC5614AB670}: [DhcpNameServer] 186.130.128.250 186.130.129.250

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-09-01] [Heredado] [no firmado]
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll [2020-01-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\190.7.0\\npsitesafety.dll [Ningún archivo]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default [2021-07-01]
CHR Notifications: Default -> hxxps://emby.media; hxxps://plarium.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.prestashop.com
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR NewTab: Default ->  Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html", Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Extension: (Presentaciones) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (SEOquake) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2021-05-04]
CHR Extension: (Documentos) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Google Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-17]
CHR Extension: (Hojas de cálculo) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Cloud SWF Player with Drive) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhhaadihgfcgmlefioblaahpnglnkbk [2018-02-26]
CHR Extension: (Complemento inhabilitación Google Analytics) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2018-02-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Uber) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gijapfmjjfpakmbadajegooepglckjbg [2019-04-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-30]
CHR Extension: (Twitter) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2021-05-27]
CHR Extension: (Speed ​​Dial 2 Nueva pestaña) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (E-Installer) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\knppogfjionnodifcoikfbmdcikecidm [2020-04-10]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2020-11-21]
CHR Extension: (Instagram) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2020-04-24]
CHR Extension: (PowerPoint Online) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2018-02-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
StartMenuInternet: Google Chrome.74FZJMUFTFTCEMJKTNDYEBUSQE - C:\Users\Administrador\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.HBYKIT5IEALIZ5YZBCEU7LYEK4 - C:\Users\Cotutiu\AppData\Local\Google\Chrome\Application\chrome.exe

Opera: 
=======
OPR Profile: C:\Users\Gustavo\AppData\Roaming\Opera Software\Opera Stable [2021-06-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Gustavo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-29]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-04-07] (philandro Software GmbH -> philandro Software GmbH)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [623800 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [354048 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [7936056 2021-03-29] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2020-10-26] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\91.0.10364.116\elevation_service.exe [1421328 2021-06-18] (AVG Technologies USA, LLC -> AVG Technologies)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-12-09] (Microsoft Corporation -> Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Archivo no firmado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [35792 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [208688 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [365592 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250392 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99376 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41416 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [178000 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [524544 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2020-06-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107920 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83496 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [850248 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [466808 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [216488 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [327104 2021-03-26] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation -> Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation -> Intel Corporation)
R0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [14336 2011-07-20] (secr9tos) [Archivo no firmado]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-03-13] (CyberLink -> CyberLink Corp.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-01 10:18 - 2021-07-01 10:18 - 000000207 _____ C:\Windows\tweaking.com-regbackup-GUSTAVO-PC-Windows-7-Ultimate-(64-bit).dat
2021-07-01 10:18 - 2021-07-01 10:18 - 000000000 ____D C:\RegBackup
2021-06-30 20:52 - 2021-07-01 10:43 - 000000000 ____D C:\FRST
2021-06-30 17:48 - 2021-06-30 17:48 - 000003774 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-30 17:48 - 2021-06-30 17:48 - 000003334 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-06-30 15:58 - 2021-06-30 15:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\ESET
2021-06-30 13:13 - 2021-06-30 13:26 - 000000000 ____D C:\Users\Gustavo\AppData\LocalLow\IGDump
2021-06-30 13:11 - 2021-06-30 13:11 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-06-30 13:11 - 2021-06-30 13:11 - 000001967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-30 13:11 - 2021-06-30 13:11 - 000001955 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-30 13:11 - 2021-06-30 13:11 - 000000000 ____D C:\Users\Gustavo\AppData\Local\mbam
2021-06-30 13:10 - 2021-06-30 13:10 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-06-30 13:10 - 2021-06-30 13:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-30 13:10 - 2021-06-30 13:10 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-29 20:08 - 2021-07-01 10:43 - 016515072 _____ C:\Windows\system32\config\SYSTEM
2021-06-29 19:09 - 2021-06-29 19:09 - 000003094 _____ C:\Windows\system32\Tasks\{9C93AF72-0977-4A90-BC60-7467C44AAA9E}
2021-06-29 17:53 - 2021-06-29 17:54 - 000000000 ____D C:\AdwCleaner
2021-06-29 13:08 - 2021-03-26 17:40 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2021-06-29 12:41 - 2021-06-29 12:41 - 000000324 _____ C:\DelFix.txt
2021-06-29 10:43 - 2021-06-30 13:40 - 015990784 _____ C:\Windows\system32\C_32770.NLS
2021-06-28 15:07 - 2021-06-28 19:36 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Code
2021-06-28 15:07 - 2021-06-28 15:07 - 000000000 ____D C:\Users\Gustavo\.vscode
2021-06-28 12:59 - 2021-06-29 10:46 - 000000000 ___HD C:\Users\Gustavo\AppData\Roaming\WinHost
2021-06-28 11:54 - 2021-06-29 13:06 - 000000000 ____D C:\Program Files\Sublime Text

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-01 10:27 - 2017-10-23 12:55 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\EditPlus
2021-07-01 09:40 - 2017-09-03 11:56 - 000000000 ____D C:\ProgramData\Avg
2021-07-01 09:32 - 2009-07-14 01:45 - 000013424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-07-01 09:32 - 2009-07-14 01:45 - 000013424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-07-01 09:30 - 2017-10-23 16:00 - 000004094 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1508785204
2021-07-01 09:25 - 2019-06-12 10:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-07-01 09:24 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-06-30 16:14 - 2020-02-19 12:16 - 000000000 ____D C:\Users\Gustavo\.openshot_qt
2021-06-30 13:46 - 2020-05-13 13:02 - 000004324 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1547498651
2021-06-30 13:43 - 2017-09-04 12:19 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2021-06-29 19:14 - 2021-04-05 10:11 - 000000950 _____ C:\Users\Gustavo\Desktop\IMAPSize.lnk
2021-06-29 19:14 - 2021-04-05 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMAPSize
2021-06-29 13:09 - 2017-11-27 14:43 - 000001975 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2021-06-29 13:07 - 2013-10-10 20:09 - 000000000 ____D C:\Users\Gustavo
2021-06-29 13:06 - 2018-10-18 21:04 - 000000000 ____D C:\xampp2
2021-06-29 13:06 - 2011-07-19 20:47 - 000000000 ____D C:\Users\Intel
2021-06-29 13:06 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2021-06-29 12:36 - 2017-09-01 21:43 - 000001456 _____ C:\Users\Gustavo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2021-06-28 19:37 - 2009-07-13 23:34 - 023592960 _____ C:\Windows\system32\config\BCD00000000
2021-06-28 14:14 - 2017-10-23 17:29 - 000000000 ____D C:\Users\Gustavo\AppData\Local\CrashDumps
2021-06-28 11:54 - 2020-04-06 16:53 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Sublime Text 3
2021-06-25 18:53 - 2018-02-17 22:19 - 000000000 ____D C:\BrewMate
2021-06-23 17:41 - 2019-05-26 12:52 - 000003706 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-06-23 17:41 - 2019-05-26 12:52 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2021-06-23 17:41 - 2019-05-26 12:52 - 000002268 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2021-06-22 17:47 - 2018-10-23 20:38 - 000000000 ____D C:\Users\Gustavo\AppData\Local\ElevatedDiagnostics
2021-06-22 17:44 - 2017-10-23 16:11 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\FileZilla
2021-06-10 13:49 - 2017-12-19 09:30 - 000002066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-07 11:04 - 2021-04-08 13:16 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-06-07 10:49 - 2020-09-16 10:49 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\AnyDesk
2021-06-05 18:05 - 2020-01-14 11:30 - 000003872 _____ C:\Windows\system32\Tasks\BlueStacksHelper
2021-06-05 18:05 - 2018-09-16 19:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-06-05 18:05 - 2018-04-12 10:13 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-06-05 18:05 - 2018-02-26 14:07 - 000003470 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-05 18:05 - 2018-02-26 14:07 - 000003342 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-05 18:05 - 2017-10-23 16:00 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled suite Autoupdate 1508785205
2021-06-05 18:05 - 2017-09-04 21:19 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-06-05 18:05 - 2013-10-18 17:16 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-06-05 18:05 - 2012-09-19 10:09 - 000002776 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-06-05 18:05 - 2012-09-18 10:08 - 000003230 _____ C:\Windows\system32\Tasks\SidebarExecute

==================== Archivos en la raíz de algunos directorios ========

2018-10-23 18:46 - 2020-10-08 13:15 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe BMP Format CS6 Prefs
2019-05-07 18:40 - 2019-05-07 18:43 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2018-07-04 20:17 - 2019-01-31 18:53 - 000000132 _____ () C:\Users\Gustavo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-09-26 13:27 - 2018-05-07 15:19 - 000000130 _____ () C:\Users\Gustavo\AppData\Roaming\default.rss
2019-03-27 13:04 - 2019-03-27 17:19 - 000001020 _____ () C:\Users\Gustavo\AppData\Roaming\editplus_u.ini
2017-09-01 21:43 - 2021-06-29 12:36 - 000001456 _____ () C:\Users\Gustavo\AppData\Local\Adobe Guardar para Web 11.0 Prefs
2019-09-03 19:18 - 2019-09-03 19:18 - 000003584 _____ () C:\Users\Gustavo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-14 21:06 - 2020-03-14 21:06 - 000007597 _____ () C:\Users\Gustavo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-06-21 16:06
==================== Final de FRST.txt ========================

Hola nuevamente,

Este es el Frst.txt. El que ocuparíamos es fixlog

Si tienes duda revisa el procedimiento ya que me parece volviste a escanear y ocupamos la opción de corregir. Si tienes algún otro problema o duda nos avisas.

Saludos

No puedo poner el fixlog.txt es muy extenso. Supera los 65000 caracteres

Hola nuevamente,

Una disculpa, se me traspapelo tu tema :grimacing:

Pegalo en partes o adjuntalo:

Si fuese muy grande trae lo más que puedas del inicio y algo del final. Debe haber varias lineas que sean muy similares y pueden omitirse.

Saludos