Computadora funciona lentísima, imposible abrir un word si quiera

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 1/5/20
Hora del análisis: 19:38
Archivo de registro: 6b31153e-8bfc-11ea-a3b0-8c164544c175.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.889
Versión del paquete de actualización: 1.0.23286
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-VJ6900SD\sofia Cunha

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 297328
Amenazas detectadas: 26
Amenazas en cuarentena: 26
Tiempo transcurrido: 16 min, 9 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
PUP.Optional.Eaburl, HKU\S-1-5-21-796648814-1908363682-2084299599-1006\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|apbllhlpimnkljppmmdbiipfbjjimjgj, En cuarentena, 216, 659009, , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 6
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 84, 455248, , , , 
PUP.Optional.Eaburl, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\apbllhlpimnkljppmmdbiipfbjjimjgj, En cuarentena, 216, 659009, , , , 
PUP.Optional.Eaburl, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 216, 659009, , , , 
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 84, 455248, , , , 
PUP.Optional.ASK, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 281, 454825, , , , 

Archivo: 19
PUP.Optional.BundleInstaller, C:\$RECYCLE.BIN\S-1-5-21-796648814-1908363682-2084299599-1006\$R8KU8XX.EXE, En cuarentena, 504, 800966, 1.0.23286, , ame, 
PUP.Optional.BundleInstaller, C:\$RECYCLE.BIN\S-1-5-21-796648814-1908363682-2084299599-1006\$RT01K73.EXE, En cuarentena, 504, 800966, 1.0.23286, , ame, 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000878.log, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000880.ldb, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 84, 455248, , , , 
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 84, 455248, 1.0.23286, , ame, 
PUP.Optional.Eaburl, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 216, 659009, , , , 
PUP.Optional.Eaburl, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, 216, 659009, , , , 
PUP.Optional.Eaburl, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 216, 659009, 1.0.23286, , ame, 
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 84, 455248, 1.0.23286, , ame, 
CrackTool.Agent, C:\USERS\SOFIC\DESKTOP\ADOBE\ACTIVADOR DE ADOBE.RAR, En cuarentena, 5978, 445980, 1.0.23286, 000000000000000000000003, dds, 00701100
CrackTool.Agent, C:\USERS\SOFIC\DESKTOP\ADOBE\ACTIVADOR DEL PHOTOSHOP CC 2017.RAR, En cuarentena, 5978, 445980, 1.0.23286, 000000000000000000000003, dds, 00701100
PUP.Optional.Iminent, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 84, 455248, 1.0.23286, , ame, 
PUP.Optional.ASK, C:\USERS\SOFIC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 281, 454825, 1.0.23286, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-01-2020
# Duration: 00:00:46
# OS:       Windows 10 Home Single Language
# Cleaned:  23
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Host App Service
Deleted       C:\Users\Default\AppData\Local\Host App Service
Deleted       C:\Users\SoCun\AppData\Local\Host App Service
Deleted       C:\Users\sofic\AppData\Local\Host App Service
Deleted       C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted       C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service

***** [ Files ] *****

Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted       HKCU\Software\App Host Service
Deleted       HKCU\Software\Conduit
Deleted       HKCU\Software\Host App Service
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{389DE58D-0BE1-411B-9DDF-F6E14AE06CE9} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted       HKLM\Software\Wow6432Node\Conduit
Deleted       HKU\S-1-5-19\Software\Host App Service
Deleted       HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKU\S-1-5-20\Software\Host App Service
Deleted       HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted   StartWeb

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Users\sofic\AppData\Local\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3283 octets] - [01/05/2020 20:20:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Hola @Sofia_Cunha

Y como siguió el equipo luego de ejecutar las herramientas?

Realiza lo siguiente:

Paso 1:

1.- Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

2.- Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Paso 2:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan/Analizar y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Hola @SanMar, cómo estás? Muchas gracias por responder! Ahí estoy siguiendo las indicaciones que me dejaste, voy a ir cargando los resultados a medida que los obtenga. En principio funciona algo mejor, sin embargo tiende a colgarse un poco todavía. De nuevo, muchas gracias! Saludos

Hola @Sofia_Cunha

Perfecto, por acá esperamos esos reportes…:coffee:

Si no te entraran todos en un post, puedes utilizar mas de uno.

Salu2

Hola @SanMar, bueno despupés de muchísimas horas terminó de correr el ESET online Scanner, copio el resultado.

2/5/2020 19:13:48
Archivos explorados: 335928
Archivos detectados: 11
Archivos desinfectados: 9
Tiempo total de exploración 03:41:10
Estado de la exploración: Finalizado
C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-961.vpx	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_44995.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_45272.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_45312.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_45416.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_45496.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\updates\7.10.5_45597.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\AppData\Roaming\BitTorrent\BitTorrent.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\sofic\Desktop\Adobe\DRCC18v64-SFT\DRCC18v64-SFT\Patch.PainteR.2.0.amtemu.v0.9.2\adobe.snr.patch.v2.0-painter.zip	una variante de Win32/HackTool.Patcher.CH aplicación potencialmente no segura	eliminado

C:\Users\sofic\Desktop\Adobe\DRCC18v64-SFT\DRCC18v64-SFT\Patch.PainteR.2.0.amtemu.v0.9.2\amtemu.v0.9.2.win-painter.zip	una variante de Win32/HackTool.Crack.FS aplicación potencialmente no segura	eliminado

Hola @Sofia_Cunha

Perfecto, esperamos el resto de los reportes…:coffee:

Salu2

Kasperky Virus Removal no encontró nada, voy con la fase dos , gracias <3

Hola @Sofia_Cunha

Vale, si te dice que los reportes son muy largos (FRST) utiliza el Método 4 de la Guia de como pegar reportes.

Salu2

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por sofia Cunha (03-05-2020 11:02:40)
Ejecutado desde C:\Users\sofic\Downloads
Windows 10 Home Single Language Versión 1903 18362.778 (X64) (2019-09-13 02:10:49)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-796648814-1908363682-2084299599-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-796648814-1908363682-2084299599-503 - Limited - Disabled)
Invitado (S-1-5-21-796648814-1908363682-2084299599-501 - Limited - Disabled)
sofia Cunha (S-1-5-21-796648814-1908363682-2084299599-1006 - Administrator - Enabled) => C:\Users\sofic
WDAGUtilityAccount (S-1-5-21-796648814-1908363682-2084299599-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_1) (Version: 16.1.1 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.438 - AVAST Software)
BitTorrent (HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\BitTorrent) (Version: 7.10.5.45597 - BitTorrent Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{1E865530-23B4-4FD8-AFDD-093A8CDD9098}) (Version: 4.1.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 81.0.4054.116 - Los creadores de CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.913.0 - Piriform Software) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Estudio para la mejora del producto HP DeskJet 4530 series (HKLM\...\{32FA045B-608B-47E5-8522-010017929DC3}) (Version: 40.11.1122.1796 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP DeskJet 4530 series Ayuda (HKLM-x32\...\{AB2A9C80-BE8F-4957-89C0-49BAB13D7ED7}) (Version: 36.0.0 - Hewlett Packard)
HP DeskJet 4530 series Software básico del dispositivo (HKLM\...\{642DCD8A-A10D-451E-BC8B-DFFB61830903}) (Version: 40.11.1122.1796 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{7BEBB31E-58C4-4FA5-9AD1-ACBE32BF0D12}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{63BD9C12-5CE9-4294-B1C3-A09F971FAFB5}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.1.82.0 - Lenovo Group Ltd.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{76094755-B22B-4186-A5A3-13A7C92D5E5B}) (Version: 2.66.1 - The Pokémon Company International)
qBittorrent 4.1.6 (HKLM-x32\...\qBittorrent) (Version: 4.1.6 - The qBittorrent project)
Skype versión 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Stremio (HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\Stremio) (Version: 4.4.77 - Smart Code Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}) (Version: 24.0.14033 - Corel Corporation)
Zoom (HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2020-04-16] (Microsoft Corporation)
Extensión de video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-15] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2003.10.0_x64__k1h2ywk1493x8 [2020-03-25] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.4.0_x64__5grkq8ppsgwt4 [2020-01-10] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-18] (Microsoft Corporation) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.9516.0_x86__m916jedk64snt [2019-05-18] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.1.9528.0_x86__m916jedk64snt [2019-05-18] (CYBERLINKCOM CORPORATION)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-04-22] (Spotify AB) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll [2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxDTCM.dll [2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-04-19 17:40 - 2020-04-19 17:40 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-19 17:40 - 2020-04-19 17:40 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2019-11-11 12:53 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-09-29 10:46 - 2017-09-29 10:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\sofic\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
DNS Servers: 200.49.130.52 - 200.42.4.199
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe Ningún archivo
FirewallRules: [{E2A97307-B239-473C-AB92-A7CB48AE1C1B}] => (Allow) C:\Users\sofic\AppData\Roaming\BitTorrent\BitTorrent.exe Ningún archivo
FirewallRules: [{21AFF68F-92C0-4F02-9E1D-E469593CC6CC}] => (Allow) C:\Users\sofic\AppData\Roaming\BitTorrent\BitTorrent.exe Ningún archivo
FirewallRules: [{7AD43139-2299-4D9F-8217-E962E3E43A27}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{52DEA340-D013-47FA-806F-8648D9D7ADE2}] => (Allow) LPort=5357
FirewallRules: [{1FEA1437-2D8A-41D2-AD8A-2A0E4062B3F8}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FBFDDB1E-0552-45D6-AF95-801CA99DDF2B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{CC096AFC-09CC-4B6D-8DCB-F422B24A649D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{A474226B-3048-4619-A5E0-9D5B057F9D1A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Ningún archivo
FirewallRules: [{CB177074-BB44-44A9-A373-4118563A54F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe Ningún archivo
FirewallRules: [{C8DAA2B5-F825-4814-97D5-14C60F5C6236}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{3AFDEBF9-94D6-4052-B2C3-07776FBE6A0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Ningún archivo
FirewallRules: [{826480E2-28FA-417D-A1AA-457C16346261}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe Ningún archivo
FirewallRules: [{9A7DF504-8F49-43D4-B61F-D5BE525220D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Underlords\game\bin\win64\underlords.exe Ningún archivo
FirewallRules: [TCP Query User{F9883A49-0844-4ACE-ABB7-07226F832DCC}C:\users\sofic\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\sofic\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{F49C99F5-F39D-4F0E-A231-A9E7461EA329}C:\users\sofic\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\sofic\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{6DC04BB9-CF13-4820-9A71-B236ED41774D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Ningún archivo
FirewallRules: [TCP Query User{E306FB55-7A76-4B01-85D0-3751D9E737EC}C:\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\the sims 4\game\bin\ts4_x64.exe Ningún archivo
FirewallRules: [UDP Query User{A2C77D3F-1BB2-4D8D-A74E-C5510B02CD4E}C:\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\the sims 4\game\bin\ts4_x64.exe Ningún archivo
FirewallRules: [TCP Query User{0C910B1A-50E3-4FE4-B42D-416A81CB2941}C:\the sims 4\game\bin_le\ts4.exe] => (Allow) C:\the sims 4\game\bin_le\ts4.exe Ningún archivo
FirewallRules: [UDP Query User{C0CE116F-8E07-431B-9361-02F44E6542AA}C:\the sims 4\game\bin_le\ts4.exe] => (Allow) C:\the sims 4\game\bin_le\ts4.exe Ningún archivo
FirewallRules: [{650F4BCE-B5F8-4137-8166-8F5C64AF4CE9}] => (Allow) C:\Users\sofic\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6CF37D84-F162-4F99-B616-FB2E48AC6807}] => (Allow) C:\Users\sofic\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{20FE4FD8-7259-4A72-84D0-8C4B5407DE4D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00DF105D-0EFF-4F8A-AE4D-B0E988F17C85}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA83F62D-5C39-4821-9AC7-FC024F5963D9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D0A33FC8-4F66-437F-A538-308972E6D4BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74CD604E-71F5-4F2A-82E8-95C655B6AE63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4AB83B78-4093-463F-8359-335B08C96895}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{57172107-FA15-4D98-B3BC-2076F9F5F6F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6A0BAD4-5A96-4803-A9E0-BCA49DFEBCAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FE0523B7-98FA-4026-8DB1-7E1FE9747E6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{880DEAAC-95BB-4243-A6E2-73F10EF8D4F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E804ADF-6510-4EA2-AD5A-848BD6970197}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0C66C2B5-455C-4ED0-871B-9FDD00B6C127}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

22-04-2020 16:40:18 Punto de control programado
30-04-2020 15:49:36 Punto de control programado
01-05-2020 20:21:18 AdwCleaner_BeforeCleaning_01/05/2020_20:21:16

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/03/2020 02:32:28 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/02/2020 10:53:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8308,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/02/2020 09:52:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10940,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/02/2020 09:12:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WINWORD.EXE (versión 16.0.12624.20466) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 6bc

Hora de Inicio: 01d620ce0a8ce54f

Hora de finalización: 1169

Ruta de la aplicación: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE

Id. de informe: 8b8f5b1a-ebce-4098-854b-b303ec2e7ed1

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Unknown

Error: (05/02/2020 05:42:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8264,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/02/2020 05:12:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9276,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/02/2020 04:42:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2140,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/02/2020 03:29:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3956,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (05/02/2020 03:31:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/02/2020 03:31:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sofic\AppData\Local\Temp\ehdrv.sys

Error: (05/02/2020 03:31:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/02/2020 03:31:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sofic\AppData\Local\Temp\ehdrv.sys

Error: (05/02/2020 03:31:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/02/2020 03:31:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sofic\AppData\Local\Temp\ehdrv.sys

Error: (05/02/2020 03:31:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/02/2020 03:31:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\sofic\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2019-11-11 19:36:42.642
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Supervisión de comportamiento
Código de error: 0x80508023
Descripción del error: El programa no encontró malware ni otro software potencialmente no deseado en este dispositivo. 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2020-05-03 10:58:25.264
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:58:24.583
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:10.978
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:04.524
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:04.505
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:02.312
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:02.309
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 10:57:01.935
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 4WCN46WW 12/30/2019
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Porcentaje de memoria en uso: 82%
RAM física total: 3970.72 MB
RAM física disponible: 677.99 MB
Virtual total: 8066.72 MB
Virtual disponible: 3868.86 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:1836.77 GB) (Free:1594.02 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.3 GB) NTFS

\\?\Volume{43100c67-b72d-4f85-9629-bffe37dc8eb9}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{1a403004-a0be-4dce-85ce-55388d20e087}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0556402)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola @Sofia_Cunha

Falta el reporte de FRST.txt, deberías tenerlo en el escritorio.

Adjuntalo en tu próxima respuesta.

Salu2

@SanMar, hola cómo estás? No me aparece el archivo en el escritorio. Decís que pase de nuevo el FRST?

Que tengas una linda semana!

Saludos

Hola @Sofia_Cunha

Ejecuta nuevamente FRST, te dejara dos archivos en tu escritorio Addition y FRST, pega ambos en tu próxima respuesta.

Salu2

Hola @SanMar, cómo estás? bueno finalmente lo logré, desde ya te digo que está funcionando increíble después de todo esto. Muchas gracias! Copio los resultados

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-05-2020
Ejecutado por sofia Cunha (administrador) sobre LAPTOP-VJ6900SD (LENOVO 80XL) (07-05-2020 23:48:10)
Ejecutado desde C:\Users\sofic\Desktop
Perfiles cargados: sofia Cunha (Perfiles disponibles: sofia Cunha)
Platform: Windows 10 Home Single Language Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <12>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{277542C3-B6D9-484A-A1BD-B5201D938E23}\81.0.4044.138_81.0.4044.129_chrome_updater.exe
(Google LLC -> Google LLC) C:\Windows\Temp\CR_FB08C.tmp\setup.exe <2>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.4.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436704 2020-02-25] (Corel Corporation -> WinZip Computing, S.L.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132321555\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132336966\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132321914\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132337481\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1579368 2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1579368 2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #6] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #7] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #8] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #9] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #10] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #11] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #6] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #7] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #8] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #9] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #10] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #11] => C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [1948456 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\81.0.4054.116\Installer\chrmstp.exe [2020-05-01] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Precargador WinZip.lnk [2020-04-04]
ShortcutTarget: Precargador WinZip.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02B055D7-9811-45BD-89E7-54C96D84BFFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0823DB01-2AF7-4170-9FB4-A34674E2008F} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {2FA8F770-9DCE-4707-A282-3784B1D3FF5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {315ADA16-D4AE-412A-8DAD-CE99FD2A8302} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B992451-C04C-48BD-8A28-D9988BA6AB03} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {4DA76DD8-6D32-46E8-B27A-9EE50E749C0B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {58A0FD3E-FC56-4EA6-AC54-5CB1A9AB35A1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FA1C4A4-27FD-4698-8DB3-2B749DD20156} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-05-01] (Piriform Software Ltd -> Piriform Software)
Task: {621CCECF-07CB-4DC2-A8C6-EB76789EEFEF} - \Lenovo\ImController\TimeBasedEvents\9d01bfdd-fc4a-4e20-b67e-9b7daa958441 -> Ningún archivo <==== ATENCIÓN
Task: {62C1FD80-9C79-4F5F-B07B-8C803B572348} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-05-01] (Piriform Software Ltd -> Piriform Software)
Task: {6ACCC807-7658-4C41-850A-05D754935FD2} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {6E026D6B-E869-4E67-97F2-D769BD022DF4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {704B2EF6-4BF2-4F3F-8B2B-A0B33FC5881A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1429400 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {737BC8E2-0EDB-48C5-96EF-6515028CBC84} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {81A7F330-D7A8-44FE-87E4-806FC56BD93D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-18] (Google Inc -> Google LLC)
Task: {8E583002-0D40-4D8A-BD61-0A80071F2E47} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {91A23D8C-1A94-4FFD-ACB0-7FDB67086821} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9235E363-2059-4FA0-8F51-0648E277889C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2731368 2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {94A3B07A-3CB5-418A-951E-829829E3AB89} - \Lenovo\ImController\TimeBasedEvents\5664cba1-af94-4a9f-a4fa-d413001a7285 -> Ningún archivo <==== ATENCIÓN
Task: {9C850D9B-BD87-4FB3-921E-04F2FCCDF37B} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2020-02-25] (Corel Corporation -> Corel Corporation)
Task: {AD8AA4FB-01DC-4719-9FA4-E65C57061CD6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {B4FE96F5-A68D-4CB1-9768-AB55F32F7156} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B82DE8BE-31EB-4BA2-9895-052A32D433C1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {C5DE102E-3B6F-40F1-952F-7563C46890CF} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
Task: {C67E8103-59F5-4EE1-B891-DBB5A938C6AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC70296A-FCB4-4BE2-AFDB-FEB90D6BE8FD} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {D32C922D-6CFF-47E9-B3AA-508245F7F5DD} - \Lenovo\ImController\TimeBasedEvents\3018ca52-22e3-499e-9e81-47000884cf26 -> Ningún archivo <==== ATENCIÓN
Task: {D67C4082-ECEF-4979-A47A-92F9B0513BB7} - \Lenovo\ImController\TimeBasedEvents\fda44467-d349-40b8-993f-369475865968 -> Ningún archivo <==== ATENCIÓN
Task: {D89236DC-1CFB-4F04-A091-3D06C384F913} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-18] (Google Inc -> Google LLC)
Task: {F126F9D8-85C6-44F4-81BC-CCA632A0E5BC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F3DEE243-EE4A-401D-A3E7-677B076C83B7} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 200.49.130.47 200.42.4.203
Tcpip\..\Interfaces\{7f2fcefe-f078-420b-84e4-c42ec05f54db}: [DhcpNameServer] 150.203.1.2
Tcpip\..\Interfaces\{9a36b871-819d-43b4-ac9e-d94d301464eb}: [DhcpNameServer] 200.49.130.47 200.42.4.203

Internet Explorer:
==================
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-05-01] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.913.0\npCCleanerBrowserUpdate3.dll [2020-05-01] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-796648814-1908363682-2084299599-1006: @zoom.us/ZoomVideoPlugin -> C:\Users\sofic\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601: @zoom.us/ZoomVideoPlugin -> C:\Users\sofic\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309: @zoom.us/ZoomVideoPlugin -> C:\Users\sofic\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default [2020-05-07]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-18]
CHR Extension: (Documentos) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-18]
CHR Extension: (Google Drive) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-18]
CHR Extension: (YouTube) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-18]
CHR Extension: (uBlock Origin) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-24]
CHR Extension: (Adblock para Youtube™) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-12]
CHR Extension: (Zinopziz) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\egomdofohjpgcioplgdhkaaeidjhfnnj [2019-05-18]
CHR Extension: (Hojas de cálculo) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-18]
CHR Extension: (Cablevisión Flow) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbnbmbkemlokfckhdoaakhjogffkinc [2019-05-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-24]
CHR Extension: (HP Smart Print) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi [2019-05-18]
CHR Extension: (Office) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2020-04-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Evernote Web Clipper) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2020-04-06]
CHR Extension: (Gmail) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\sofic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-05-01] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-05-01] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2142056 2020-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2414264 2017-09-21] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-06-13] (Intel Corporation -> Intel Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\LenovoVantageService.exe [16648 2020-01-03] (Lenovo -> Lenovo Group Ltd.)

Hola @Sofia_Cunha

Buenisimo.:+1:

Los reportes quedaron incompletos les falta alguna linea.

Adjuntalos siguiendo los pasos del Método 4 de la guía.

Vamos que nos falta poco…:+1:

Salu2

FRST.txt (96,1 KB) Addition.txt (21,7 KB)

Hola @SanMar, ahí los subí correctamente? gracias

Hola @Sofia_Cunha

Paso 1:

Con mucha atención sigue estos pasos:

Desinstala con Revo Uninstaller en su Modo Avanzado:

  • Ccleaner Browser.

Manual de Revo Uninstaller.

Paso 2:

Descarga las Herramientas especificas para desinstalar los restos de antivirus:

  • Avast.
  • Panda Dome

Paso 3:

Luego de reiniciar:

1.- Muy Importante >>> Realizar nuevamente una copia de Seguridad de su Registro.

  • Descarga/Ejecuta DelFix desde el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego ve a::

2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\81.0.4054.116\Installer\chrmstp.exe [2020-05-01] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {4DA76DD8-6D32-46E8-B27A-9EE50E749C0B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {621CCECF-07CB-4DC2-A8C6-EB76789EEFEF} - \Lenovo\ImController\TimeBasedEvents\9d01bfdd-fc4a-4e20-b67e-9b7daa958441 -> Ningún archivo <==== ATENCIÓN
Task: {6ACCC807-7658-4C41-850A-05D754935FD2} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {94A3B07A-3CB5-418A-951E-829829E3AB89} - \Lenovo\ImController\TimeBasedEvents\5664cba1-af94-4a9f-a4fa-d413001a7285 -> Ningún archivo <==== ATENCIÓN
Task: {AD8AA4FB-01DC-4719-9FA4-E65C57061CD6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {B82DE8BE-31EB-4BA2-9895-052A32D433C1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {CC70296A-FCB4-4BE2-AFDB-FEB90D6BE8FD} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {D32C922D-6CFF-47E9-B3AA-508245F7F5DD} - \Lenovo\ImController\TimeBasedEvents\3018ca52-22e3-499e-9e81-47000884cf26 -> Ningún archivo <==== ATENCIÓN
Task: {D67C4082-ECEF-4979-A47A-92F9B0513BB7} - \Lenovo\ImController\TimeBasedEvents\fda44467-d349-40b8-993f-369475865968 -> Ningún archivo <==== ATENCIÓN
Task: {F3DEE243-EE4A-401D-A3E7-677B076C83B7} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
U1 aswbdisk; no ImagePath
2020-05-02 19:15 - 2020-05-02 19:15 - 000003816 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-05-02 19:15 - 2020-05-02 19:15 - 000003374 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-05-02 15:42 - 2020-05-02 15:44 - 000000000 ____D C:\KVRT_Data
2020-05-02 15:32 - 2020-05-02 15:33 - 177094072 _____ (AO Kaspersky Lab) C:\Users\sofic\Downloads\KVRT.exe
2020-05-02 15:27 - 2020-05-02 15:27 - 000000657 _____ C:\Users\sofic\Desktop\ESET Online Scanner.lnk
2020-05-02 15:26 - 2020-05-02 15:26 - 014566496 _____ (ESET spol. s r.o.) C:\Users\sofic\Downloads\esetonlinescanner.exe
2020-05-02 15:26 - 2020-05-02 15:26 - 000000756 _____ C:\Users\sofic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-05-02 15:26 - 2020-05-02 15:26 - 000000000 ____D C:\Users\sofic\AppData\Local\ESET
2020-04-16 01:55 - 2020-04-16 01:55 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-10 23:14 - 2020-04-10 23:14 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2020-05-03 13:27 - 2019-11-11 12:11 - 000000000 ____D C:\Users\sofic\AppData\Roaming\AVAST Software
2020-05-03 13:27 - 2019-11-11 12:03 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-03 13:27 - 2019-05-23 23:46 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-02 16:37 - 2019-05-23 23:40 - 000000000 ____D C:\Users\sofic\AppData\Roaming\BitTorrent
2020-05-02 15:18 - 2020-01-09 20:25 - 000000000 ____D C:\Users\sofic\AppData\LocalLow\BitTorrent
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro >>> Aplicable a Windows 10. o Windows 7.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix/Corregir y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas…

Salu2

Hola @SanMar,
Ya seguí todos estos últimos pasos. Te copio el último resultado. Muchas gracias! 
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 03-05-2020
Ejecutado por sofia Cunha (09-05-2020 16:26:19) Run:1
Ejecutado desde C:\Users\sofic\Desktop
Perfiles cargados: sofia Cunha (Perfiles disponibles: sofia Cunha)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\81.0.4054.116\Installer\chrmstp.exe [2020-05-01] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {4DA76DD8-6D32-46E8-B27A-9EE50E749C0B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Ningún archivo <==== ATENCIÓN
Task: {621CCECF-07CB-4DC2-A8C6-EB76789EEFEF} - \Lenovo\ImController\TimeBasedEvents\9d01bfdd-fc4a-4e20-b67e-9b7daa958441 -> Ningún archivo <==== ATENCIÓN
Task: {6ACCC807-7658-4C41-850A-05D754935FD2} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {94A3B07A-3CB5-418A-951E-829829E3AB89} - \Lenovo\ImController\TimeBasedEvents\5664cba1-af94-4a9f-a4fa-d413001a7285 -> Ningún archivo <==== ATENCIÓN
Task: {AD8AA4FB-01DC-4719-9FA4-E65C57061CD6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Ningún archivo <==== ATENCIÓN
Task: {B82DE8BE-31EB-4BA2-9895-052A32D433C1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {CC70296A-FCB4-4BE2-AFDB-FEB90D6BE8FD} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\sofic\Downloads\esetonlinescanner.exe [14566496 2020-05-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {D32C922D-6CFF-47E9-B3AA-508245F7F5DD} - \Lenovo\ImController\TimeBasedEvents\3018ca52-22e3-499e-9e81-47000884cf26 -> Ningún archivo <==== ATENCIÓN
Task: {D67C4082-ECEF-4979-A47A-92F9B0513BB7} - \Lenovo\ImController\TimeBasedEvents\fda44467-d349-40b8-993f-369475865968 -> Ningún archivo <==== ATENCIÓN
Task: {F3DEE243-EE4A-401D-A3E7-677B076C83B7} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Ningún archivo <==== ATENCIÓN
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
U1 aswbdisk; no ImagePath
2020-05-02 19:15 - 2020-05-02 19:15 - 000003816 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-05-02 19:15 - 2020-05-02 19:15 - 000003374 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-05-02 15:42 - 2020-05-02 15:44 - 000000000 ____D C:\KVRT_Data
2020-05-02 15:32 - 2020-05-02 15:33 - 177094072 _____ (AO Kaspersky Lab) C:\Users\sofic\Downloads\KVRT.exe
2020-05-02 15:27 - 2020-05-02 15:27 - 000000657 _____ C:\Users\sofic\Desktop\ESET Online Scanner.lnk
2020-05-02 15:26 - 2020-05-02 15:26 - 014566496 _____ (ESET spol. s r.o.) C:\Users\sofic\Downloads\esetonlinescanner.exe
2020-05-02 15:26 - 2020-05-02 15:26 - 000000756 _____ C:\Users\sofic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-05-02 15:26 - 2020-05-02 15:26 - 000000000 ____D C:\Users\sofic\AppData\Local\ESET
2020-04-16 01:55 - 2020-04-16 01:55 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-10 23:14 - 2020-04-10 23:14 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2020-05-03 13:27 - 2019-11-11 12:11 - 000000000 ____D C:\Users\sofic\AppData\Roaming\AVAST Software
2020-05-03 13:27 - 2019-11-11 12:03 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-03 13:27 - 2019-05-23 23:46 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-02 16:37 - 2019-05-23 23:40 - 000000000 ____D C:\Users\sofic\AppData\Roaming\BitTorrent
2020-05-02 15:18 - 2020-01-09 20:25 - 000000000 ____D C:\Users\sofic\AppData\LocalLow\BitTorrent
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
CustomCLSID: HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Procesos cerrados correctamente.
"HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F" => eliminado correctamente
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\Run: [GoogleChromeAutoLaunch_8A779650971CF2263B6581F78BA4A87F] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\...\RunOnce: [Application Restart #12] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKLM\Software\Microsoft\Active Setup\Installed Components\{052EB454-9F19-CB42-7875-807F79F311C4} => no encontrado
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DA76DD8-6D32-46E8-B27A-9EE50E749C0B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DA76DD8-6D32-46E8-B27A-9EE50E749C0B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{621CCECF-07CB-4DC2-A8C6-EB76789EEFEF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{621CCECF-07CB-4DC2-A8C6-EB76789EEFEF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\9d01bfdd-fc4a-4e20-b67e-9b7daa958441" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ACCC807-7658-4C41-850A-05D754935FD2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ACCC807-7658-4C41-850A-05D754935FD2}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\LenovoUtility Task => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94A3B07A-3CB5-418A-951E-829829E3AB89}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94A3B07A-3CB5-418A-951E-829829E3AB89}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\5664cba1-af94-4a9f-a4fa-d413001a7285" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD8AA4FB-01DC-4719-9FA4-E65C57061CD6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD8AA4FB-01DC-4719-9FA4-E65C57061CD6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B82DE8BE-31EB-4BA2-9895-052A32D433C1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B82DE8BE-31EB-4BA2-9895-052A32D433C1}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC70296A-FCB4-4BE2-AFDB-FEB90D6BE8FD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC70296A-FCB4-4BE2-AFDB-FEB90D6BE8FD}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D32C922D-6CFF-47E9-B3AA-508245F7F5DD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D32C922D-6CFF-47E9-B3AA-508245F7F5DD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\3018ca52-22e3-499e-9e81-47000884cf26" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D67C4082-ECEF-4979-A47A-92F9B0513BB7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D67C4082-ECEF-4979-A47A-92F9B0513BB7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\fda44467-d349-40b8-993f-369475865968" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3DEE243-EE4A-401D-A3E7-677B076C83B7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3DEE243-EE4A-401D-A3E7-677B076C83B7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => eliminado correctamente
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132325064\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132340871\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-796648814-1908363682-2084299599-1006\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => eliminado correctamente
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132322601\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062020132338309\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): Ninguna corrección automática encontrada para esta entrada.
HKLM\System\CurrentControlSet\Services\ImControllerService => eliminado correctamente
ImControllerService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\aswbdisk => eliminado correctamente
aswbdisk => servicio eliminado correctamente
"C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn" => no encontrado
"C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime" => no encontrado
C:\KVRT_Data => movido correctamente
C:\Users\sofic\Downloads\KVRT.exe => movido correctamente
C:\Users\sofic\Desktop\ESET Online Scanner.lnk => movido correctamente
C:\Users\sofic\Downloads\esetonlinescanner.exe => movido correctamente
C:\Users\sofic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => movido correctamente
C:\Users\sofic\AppData\Local\ESET => movido correctamente
C:\WINDOWS\system32\runexehelper.exe => movido correctamente
C:\WINDOWS\msdownld.tmp => movido correctamente
C:\Users\sofic\AppData\Roaming\AVAST Software => movido correctamente
C:\Program Files\AVAST Software => movido correctamente
C:\ProgramData\AVAST Software => movido correctamente
C:\Users\sofic\AppData\Roaming\BitTorrent => movido correctamente
C:\Users\sofic\AppData\LocalLow\BitTorrent => movido correctamente
"AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}" => eliminado correctamente
"AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}" => eliminado correctamente
\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\sofic\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\amd64\FileSyncShell64.dll => Ningún archivo => Error: Ninguna corrección automática encontrada para esta entrada.
HKU\S-1-5-21-796648814-1908363682-2084299599-1006_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-796648814-1908363682-2084299599-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-796648814-1908363682-2084299599-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23167348 B
Java, Flash, Steam htmlcache => 131614709 B
Windows/system/drivers => 16200592 B
Edge => 60563 B
Chrome => 199331046 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 25170 B
LocalService => 113208 B
NetworkService => 16307380 B
SoCun => 16327204 B
sofic => 30392264 B

RecycleBin => 52560903 B
EmptyTemp: => 473.9 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 16:26:50 ====

Hola @Sofia_Cunha

Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.