Eliminar pup's en la pantalla de mi ordenador

Hola amigos: Hace ya mucho tiempo que no tenia problemas de malware ya que utilizo dos programas que son Malwarebytes free y Avast free antivirus, pero desde hace unos dias y de manera aleatoria me salen tres ventanas seguidas en la parte derecha de la pantalla. Estas ventanas tienen un encabezado en el que aparece la direccion de un website de internet del que me suelo bajar algun programa y despues aparece la foto de un programa televisivo de una cadena de TV española, las cierro y al cabo de unos minutos vuelven a aparecer. He utilizado los dos programas antivirus más uno mas el Adwcleaner que detectó un PUP y lo borró reiniciando el ordenador, pero no lo consiguió porque al cabo de unos minutos aparecieron de nuevo las ventanas. Por favor ¿podríais ayudarme a quitar este molesto PUP? Gracias

Hola

Realiza el siguiente procedimiento:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Lo ejecutas usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner y Malwarebytes.

Guía: Como Pegar reportes en el Foro

Nos comentas.

Saludos

Leo Solari: Gracias por atender a mi petición. Aqui le envio los dos reportes que me ha pedido:


# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-14-2019
# Duration: 00:00:09
# OS:       Windows 7 Ultimate
# Scanned:  35493
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/8/19
Hora del análisis: 16:08
Archivo de registro: 0e6de002-be9d-11e9-b360-fcaa14212c0f.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12005
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Usuario-PC\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 231706
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 37 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Esto es todo por el momento, espero haberlo hecho bien. Saludos.

Hola

Desactiva temporalmente tu antivirus y cualquier programa de seguridad que tengas en funciones.

Descarga Farbar Recovery Scan Tool en el escritorio de Tu PC. Selecciona la versión adecuada para la arquitectura (32 o 64bits) de tu equipo.

Como saber si Mi Windows es de 32 0 64 Bits`

  • Ejecuta FRST.exe
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

En Tu próxima respuesta, debes pegar los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Guía: Como Pegar reportes en el Foro

Saludos

LeoSolari: Aqui te envio lo que me has pedido Gracias

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2019
Ran by Usuario (administrator) on USUARIO-PC (Gigabyte Technology Co., Ltd. G1.Sniper Z97) (19-08-2019 13:11:22)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2017-03-28] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\Run: [CCleaner Smart Cleaning] => D:\Programas\CCleaner Pro\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\MountPoints2: {198f4fa6-8800-11e8-a8c4-fcaa14212c0f} - G:\setup.exe
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\MountPoints2: {36efdc4c-868d-11e8-ba28-806e6f6e6963} - F:\Run.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3791D189-1C2B-4B65-8F63-7450B6E26C7D} - System32\Tasks\CCleaner Update => D:\Programas\CCleaner Pro\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4DD5B406-BF73-4302-B55E-7B3A81A96C50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-13] (Google Inc -> Google Inc.)
Task: {60F61942-B179-451F-981A-C6991B4C12E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-13] (Google Inc -> Google Inc.)
Task: {77CA6E38-E0AD-41D3-8B2C-D41DF7FA4CC7} - System32\Tasks\CCleanerSkipUAC => D:\Programas\CCleaner Pro\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CE11B74F-1BC2-47C5-B06F-204643717450} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {D673B6D5-AE67-492B-BB1A-6E9A1077574C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{05B85203-F656-4AD8-947E-041D906C2601}: [DhcpNameServer] 212.231.6.7 46.6.113.34

Internet Explorer:
==================
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl#cns=0&gws_rd=ssl&spf=1531478598547
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programas\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\3i2wpbcn.default [2019-05-28]
FF Extension: (No Name) - D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] [not found]
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-06-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.amazon.es/gp/bit/amazonserp/ref=bit_bds-p24_serp_cr_es_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_71e24f886772487ab7dab73024345d5e_39_1007_20140130_ES_cr_sp_","hxxps://www.google.com/","hxxps://es.yahoo.com/?fr=hp-avast&type=avastbcl","hxxps://www.google.es/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-08-19]
CHR DownloadDir: D:\Descargas Internet Provisionales
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-13]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-13]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (MEGA) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-08-17]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-13]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-23]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-08-19]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Google Maps) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-07-13]
CHR Extension: (Google Mail Checker) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-07-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-13]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [113160 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344184 2017-01-13] (Intel Corporation - pGFX -> Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457432 2016-11-01] (Rivet Networks LLC -> Rivet Networks)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-07-21] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel(R) Software -> Intel Corporation)
R3 ASEUSBCC; C:\Windows\System32\drivers\AseUSBCC.sys [16384 2018-07-13] (Asetek Inc. -> Silicon Laboratories)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37320 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279336 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168896 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387688 2019-08-05] (AVAST Software s.r.o. -> AVAST Software)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [138872 2016-05-05] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1067304 2015-11-25] (Creative Technology Ltd -> Creative Technology Ltd)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [112872 2015-01-07] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2019-08-03] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2017-03-16] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 KillerEth; C:\Windows\System32\DRIVERS\e2xw7x64.sys [134296 2016-02-12] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200272 2017-02-14] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation -> Intel Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-19 13:11 - 2019-08-19 13:11 - 000019140 _____ C:\Users\Usuario\Desktop\FRST.txt
2019-08-19 13:11 - 2019-08-19 13:11 - 000000000 ____D C:\FRST
2019-08-19 13:08 - 2019-08-19 13:08 - 001612800 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2019-08-18 11:04 - 2019-08-18 11:04 - 000000222 _____ C:\Users\Usuario\Desktop\No Man's Sky.url
2019-08-15 11:14 - 2019-08-15 11:14 - 000001776 _____ C:\Users\Usuario\Desktop\21242-excalibur2-No Mans Sky Trainer.lnk
2019-08-14 16:17 - 2019-08-14 16:17 - 000001329 _____ C:\Users\Usuario\Desktop\Análisis Adwcleaner 14-08-2019.txt
2019-08-14 16:15 - 2019-08-12 18:54 - 007623880 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_7.4.exe
2019-08-14 16:13 - 2019-08-14 16:13 - 000001542 _____ C:\Users\Usuario\Desktop\Análisis Malwarebytes 14-08-2019.txt
2019-08-12 19:18 - 2019-08-12 19:18 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Technologies
2019-08-12 19:18 - 2019-08-12 19:18 - 000000000 ____D C:\Program Files (x86)\PDF Technologies
2019-08-09 21:17 - 2019-08-09 21:17 - 000000060 _____ C:\Users\Usuario\Desktop\Libro sanacion con imanes.txt
2019-08-09 17:01 - 2019-08-09 17:02 - 000000043 _____ C:\Users\Usuario\Desktop\Salvador Gutierrez.txt
2019-08-08 15:46 - 2019-08-08 15:46 - 000001708 _____ C:\Users\Usuario\Desktop\Astroneer trainer 1.3.13.0 - Acceso directo.lnk
2019-08-08 10:31 - 2019-08-08 10:31 - 000000082 _____ C:\Users\Usuario\Documents\cc_20190808_103124.reg
2019-08-03 16:02 - 2019-08-03 16:02 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2019-08-03 16:00 - 2019-08-03 16:00 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\BasemarkGPU
2019-08-03 16:00 - 2019-08-03 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BasemarkGPU
2019-08-03 15:59 - 2019-08-03 16:02 - 000000000 ____D C:\Program Files\BasemarkGPU
2019-07-29 11:43 - 2019-07-29 11:43 - 000000750 _____ C:\Users\Usuario\Desktop\Astro 1.3.13.0.lnk
2019-07-29 11:19 - 2019-07-29 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASTRONEER Lunar
2019-07-26 16:59 - 2019-08-03 18:36 - 000003238 _____ C:\Users\Usuario\Desktop\Tutorial Outpost zero.txt
2019-07-26 11:19 - 2019-07-26 11:19 - 000001002 _____ C:\Users\Usuario\Desktop\Outpost Zero.lnk
2019-07-26 11:19 - 2019-07-26 11:19 - 000000000 ____D C:\Users\Usuario\AppData\Local\SurvivalGame
2019-07-24 21:03 - 2019-07-24 21:03 - 000020500 _____ C:\Users\Usuario\Documents\cc_20190724_210306.reg
2019-07-24 21:02 - 2019-07-24 21:02 - 000015842 _____ C:\Users\Usuario\Documents\cc_20190724_210244.reg
2019-07-24 20:57 - 2019-07-24 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-24 13:51 - 2019-07-31 14:41 - 000168896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-24 13:51 - 2019-07-24 13:51 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-07-24 13:51 - 2019-07-24 13:51 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-07-21 11:58 - 2019-07-21 12:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\TuxPaint

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-19 12:58 - 2009-07-14 06:45 - 000016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-19 12:58 - 2009-07-14 06:45 - 000016832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-19 11:54 - 2019-05-08 18:13 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-19 11:54 - 2018-09-26 17:18 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-08-19 11:54 - 2018-09-26 17:18 - 000002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-08-19 11:54 - 2018-08-01 20:34 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-08-19 11:54 - 2018-07-13 18:53 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-19 11:54 - 2018-07-13 18:53 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-19 11:00 - 2011-04-12 11:10 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2019-08-19 11:00 - 2011-04-12 11:10 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2019-08-19 11:00 - 2009-07-14 07:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-19 11:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-19 10:56 - 2018-08-01 20:34 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2019-08-19 10:56 - 2018-07-13 13:10 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2019-08-19 10:56 - 2018-07-13 12:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-19 10:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-19 01:09 - 2018-07-23 19:13 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2019-08-19 00:28 - 2019-05-18 19:13 - 000000000 ____D C:\Users\Usuario\Desktop\Todo sobre NMS
2019-08-18 20:14 - 2018-07-14 19:46 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2019-08-18 11:04 - 2019-05-08 18:35 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-08-18 11:02 - 2018-07-13 22:08 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2019-08-15 22:03 - 2018-07-21 19:38 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2019-08-14 20:10 - 2019-03-11 01:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\Everything
2019-08-14 20:10 - 2019-03-10 16:25 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Everything
2019-08-13 12:06 - 2018-07-15 09:28 - 000000000 ____D C:\Users\Usuario\Desktop\Chequeos
2019-08-09 14:57 - 2009-07-14 07:08 - 000032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-08-09 09:57 - 2018-07-13 18:53 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-08 16:48 - 2018-11-23 16:32 - 000000000 ____D C:\ProgramData\CheatHappens Temp
2019-08-07 18:58 - 2019-01-07 15:49 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2019-08-05 12:57 - 2018-08-01 20:34 - 000387688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-08-03 16:00 - 2018-07-18 19:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\NVIDIA
2019-07-31 18:39 - 2019-04-09 18:24 - 000000000 ____D C:\Users\Usuario\AppData\Local\SquirrelTemp
2019-07-31 14:41 - 2018-08-01 20:34 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-25 10:07 - 2018-07-21 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-24 21:02 - 2019-02-16 10:46 - 000000000 ____D C:\Windows\Minidump
2019-07-24 20:58 - 2018-07-14 13:27 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-24 20:58 - 2018-07-14 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-07-24 13:51 - 2019-02-19 14:38 - 000279336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-07-24 13:51 - 2019-01-14 17:37 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-07-24 13:51 - 2019-01-12 13:11 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-07-24 13:51 - 2019-01-12 13:11 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-07-24 13:51 - 2019-01-12 13:11 - 000037320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-07-24 13:51 - 2018-10-22 12:42 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-07-24 13:51 - 2018-08-01 20:34 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-07-24 13:51 - 2018-08-01 20:34 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-07-24 13:51 - 2018-08-01 20:34 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-07-24 13:51 - 2018-08-01 20:34 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-07-24 13:51 - 2018-08-01 20:34 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-21 11:58 - 2018-07-13 12:29 - 000000000 ____D C:\Users\Usuario

==================== Files in the root of some directories ================

2018-09-06 21:11 - 2018-09-06 21:11 - 000000000 _____ () C:\Users\Usuario\AppData\Local\Driver_LOM_8161Present.flag
2018-12-18 11:41 - 2018-12-18 11:41 - 000007597 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2018-07-13 12:52] - [2018-07-13 14:15] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2018-07-13 12:52] - [2018-07-13 14:15] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE


LastRegBack: 2019-08-11 21:02
==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by Usuario (19-08-2019 13:11:54)
Running from C:\Users\Usuario\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2018-07-13 10:29:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3767150909-2640292799-79027997-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3767150909-2640292799-79027997-1002 - Limited - Enabled)
Invitado (S-1-5-21-3767150909-2640292799-79027997-501 - Limited - Enabled)
Usuario (S-1-5-21-3767150909-2640292799-79027997-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\uTorrent) (Version: 3.5.4.44498 - BitTorrent Inc.)
Atlas de anatomía humana edición 2017 versión 2017.2 (HKLM-x32\...\{BED25A37-F26D-4ACF-B761-D9FF5CDB834E}_is1) (Version: 2017.2 - Visible Body)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
BasemarkGPU 1.1.0 (HKLM-x32\...\BasemarkGPU) (Version: 1.1.0 - Basemark)
Bit Che (HKLM-x32\...\{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1) (Version: 3.5 build 50 - Convivea Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Everything 1.4.1.935 (x64) (HKLM\...\Everything) (Version: 1.4.1.935 - David Carpenter)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4578 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.3.42 - Intel Corporation)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{89A9DA12-B6F1-4966-95B3-574EEB6DF07E}) (Version: 1.1.65.1357 - Rivet Networks) Hidden
Killer E220x Drivers (HKLM\...\{E5914C89-E1DE-44D1-B172-DC00A3F1AA29}) (Version: 1.1.65.1357 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{F2BE14C9-4659-4335-B964-0E76AE0D2EE7}) (Version: 1.1.65.1357 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{75269D5A-2CE7-48D1-8169-5744C83C574F}) (Version: 1.1.65.1357 - Rivet Networks)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Core 2.2.1 - Windows Server Hosting (HKLM-x32\...\{f4e7bf28-480b-42a1-b8ae-07c45689bcf9}) (Version: 2.2.1.0 - Microsoft Corporation)
Microsoft .NET Core Runtime - 2.2.1 (x64) (HKLM-x32\...\{52fe6f8d-5454-4e9f-acb2-3f6a6c4feaa5}) (Version: 2.2.1.27207 - Microsoft Corporation)
Microsoft .NET Core Runtime - 2.2.1 (x86) (HKLM-x32\...\{07045d0d-029c-4cfd-9270-1d1a1e792758}) (Version: 2.2.1.27207 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.64 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Panel de control de NVIDIA 430.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.64 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Password Remover (HKLM-x32\...\{DB150C19-4A8F-4EF7-AC75-96098EACE179}) (Version: 1.0.6 - PDF Technologies)
Revo Uninstaller Pro 4.0.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.0 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Skype versión 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
Speedtest by Ookla (HKLM\...\{84EF7A8D-CEC5-44D9-A889-4C576EBCB8C4}) (Version: 1.1.23.001 - Ookla)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{e56c5d4b-34ff-44c0-b1ae-5e04aca0b8ac}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 0.16.15 - Black Tree Gaming Ltd.)
WinDirStat 1.1.2 (HKU\S-1-5-21-3767150909-2640292799-79027997-1000\...\WinDirStat) (Version:  - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3767150909-2640292799-79027997-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programas\VirtualCloneDrive 5500\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programas\Winrar\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programas\Winrar\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\Programas\VirtualCloneDrive 5500\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programas\Winrar\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programas\Winrar\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2010-11-21 05:24 - 2018-07-13 14:15 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\slwga.dll
2018-07-13 12:52 - 2018-07-13 14:15 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2018-07-13 12:52 - 2018-07-13 14:15 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [8192]
AlternateDataStreams: C:\Users\All Users:gs5sys [8192]
AlternateDataStreams: C:\Users\Usuario:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [8192]
AlternateDataStreams: C:\ProgramData\Datos de programa:gs5sys [8192]
AlternateDataStreams: C:\ProgramData\Plantillas:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Configuración local:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Cookies:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Datos de programa:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Plantillas:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Usuario\AppData\Local:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\AppData\Roaming:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Datos de programa:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\AppData\Local\Historial:gs5sys [3072]
AlternateDataStreams: C:\Users\Usuario\Documents\desktop.ini:gs5sys [3072]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 11:04 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-3767150909-2640292799-79027997-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 212.231.6.7 - 46.6.113.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Smart Cleaning => "D:\Programas\CCleaner Pro\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Programas\VirtualCloneDrive 5500\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AAB9B8B9-8145-4D7F-9CCA-169A9A53C9A6}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C3E5D061-7516-43B1-A4DC-77820495181A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5E56188B-4DC2-4AA3-9398-F8B3B76520AD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{B32D688C-54A6-411B-8334-899B0C4E8CDE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{8E9A7927-C554-4D19-94D0-EA7899AEAD2A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{CBF65ED0-F7E2-439D-B208-E07EA3390C19}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9FA873B3-E9B0-4341-AD04-D32190093B62}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{963E963D-9E20-453C-8465-A4F474032518}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02DBE71B-80F0-443F-9F4B-B2BC889804E4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25CEE59A-5633-4F8A-9076-E46356FF2D43}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7879B163-F462-4DA4-8E97-B0C0E73EB209}] => (Allow) D:\Programas\CCleaner Pro\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EA37A32B-C155-4D44-A6F6-7EEACBEB008B}] => (Allow) D:\Programas\CCleaner Pro\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6A67CF76-E90F-4DCB-AFEB-54D01E2A9478}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{315BF541-07AF-4B08-B460-5501DA8BA228}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4B814902-B05A-4494-88E6-4B2D23B05F35}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{17995FA3-54F2-451E-9C6B-A749C1D0262E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FD8BD2F6-98BC-4119-B87A-273300025E66}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC0EAB2C-43C7-4ED4-AC51-303841F5F7F4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF90B691-81E2-4FCB-BFAC-FE7263E45C60}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6C2A4371-BD8A-4288-863E-E01E4D9AD1A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{2408DAB2-4706-4EE6-B7AA-B24127DFE1A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]

==================== Restore Points =========================

03-08-2019 17:35:12 Revo Uninstaller Pro's restore point - Notepad++ (64-bit x64)
11-08-2019 21:09:31 Punto de control programado
12-08-2019 19:18:47 Installed PDF Password Remover
14-08-2019 15:56:32 Revo Uninstaller Pro's restore point - No Man's Sky
18-08-2019 10:57:23 Revo Uninstaller Pro's restore point - No Man's Sky

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2019 12:43:48 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (08/19/2019 11:43:48 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (08/19/2019 10:55:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/19/2019 10:55:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (08/19/2019 02:13:02 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (08/19/2019 01:13:02 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005

Error: (08/19/2019 01:09:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: 21242-excalibur2-No Mans Sky Trainer.exe, versión: 1.0.0.0, marca de tiempo: 0x5d513424
Nombre del módulo con errores: 21242-excalibur2-No Mans Sky Trainer.exe, versión: 1.0.0.0, marca de tiempo: 0x5d513424
Código de excepción: 0x80000003
Desplazamiento de errores: 0x0000000000dab02c
Id. del proceso con errores: 0x8bc
Hora de inicio de la aplicación con errores: 0x01d55619edbc1b38
Ruta de acceso de la aplicación con errores: D:\Descargas Internet Provisionales\Trainers\No Man's Sky Beyond 2.0\21242-excalibur2-No Mans Sky Trainer.exe
Ruta de acceso del módulo con errores: D:\Descargas Internet Provisionales\Trainers\No Man's Sky Beyond 2.0\21242-excalibur2-No Mans Sky Trainer.exe
Id. del informe: 30558d29-c20d-11e9-905c-fcaa14212c0f

Error: (08/19/2019 12:13:02 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: Error del Programador de activación de licencias (sppuinotify.dll) con el siguiente código:
0x80070005


System errors:
=============
Error: (08/19/2019 11:43:48 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error 
"5"
al iniciar este comando:
C:\Windows\System32\slui.exe -Embedding

Error: (08/19/2019 10:57:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 y APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/19/2019 12:13:02 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error 
"5"
al iniciar este comando:
C:\Windows\System32\slui.exe -Embedding

Error: (08/18/2019 11:26:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 y APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/18/2019 08:55:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 y APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/18/2019 04:29:59 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error 
"5"
al iniciar este comando:
C:\Windows\System32\slui.exe -Embedding

Error: (08/18/2019 03:43:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 y APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/18/2019 11:39:30 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: No se puede iniciar un servidor DCOM: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} como /. Error 
"5"
al iniciar este comando:
C:\Windows\System32\slui.exe -Embedding


Windows Defender:
===================================
Date: 2018-07-13 12:59:56.089
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.271.925.0
Versión de firma anterior:1.95.191.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:Usuario-PC\Usuario
Versión de motor actual:1.1.15000.2
Versión de motor anterior:1.1.6402.0
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2018-07-13 12:59:56.089
Description: 
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15000.2
Versión de motor anterior:1.1.6402.0
Origen de actualización:Usuario
Usuario:Usuario-PC\Usuario
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F6 05/30/2014
Motherboard: Gigabyte Technology Co., Ltd. G1.Sniper Z97
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16245.31 MB
Available physical RAM: 10925.32 MB
Total Virtual: 32488.76 MB
Available Virtual: 26494.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:134.93 GB) NTFS
Drive d: () (Fixed) (Total:2794.39 GB) (Free:1590.51 GB) NTFS
Drive e: () (Removable) (Total:58.43 GB) (Free:21.7 GB) NTFS

\\?\Volume{ca25262b-8686-11e8-99c5-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 5676DEB9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 58.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Hola

Abrí un nuevo archivo Notepad y copia y pega este contenido:

Start
CreateRestorePoint:
CloseProcesses
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\3i2wpbcn.default [2019-05-28] FF Extension: (No Name) - D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] [not found]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-23]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-18] CHR HKLM-x32…\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32…\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\3i2wpbcn.default [2019-05-28] FF Extension: (No Name) - D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] [not found]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) 
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] 
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Saludos

Aqui te envio lo que me has pedido:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by Usuario (19-08-2019 15:46:27) Run:1
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:

CloseProcesses

FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\3i2wpbcn.default [2019-05-28] FF Extension: (No Name) - D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] [not found]

CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-23]

CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-18] CHR HKLM-x32�\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32�\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

FF ProfilePath: C:\Users\Usuario\AppData\Roaming\TomTom\HOME\Profiles\3i2wpbcn.default [2019-05-28] FF Extension: (No Name) - D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] [not found]

FF Plugin: @videolan.org/vlc,version=3.0.3 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) 

FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] 

CMD: ipconfig /flushdns

CMD: ipconfig /renew

CMD: bitsadmin /reset /allusers

CMD: netsh winsock reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

RemoveProxy:

EmptyTemp:

Hosts:

END

*****************

Restore point was successfully created.
CloseProcesses => Error: No automatic fix found for this entry.
D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected] => path removed successfully
"D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected]" => not found
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-23] => Error: No automatic fix found for this entry.
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile => moved successfully
"D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected]" => not found
"D:\TomTom\TomTomHome\TomTom HOME 2\xul\extensions\[email protected]" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
D:\Programas\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> D:\Programas\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/GENUINE" => not found

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

Error al renovar la interfaz Conexi¢n de  rea local : El nombre especificado en el bloque de control de red (NCB) est  en uso en un adaptador remoto.
El NCB son los datos.
 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{A85932E6-A678-455A-9969-BF1C46D766CC} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3767150909-2640292799-79027997-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3767150909-2640292799-79027997-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6017257 B
Java, Flash, Steam htmlcache => 373319736 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 350295712 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
Usuario => 1029108 B

RecycleBin => 38396075 B
EmptyTemp: => 741.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:46:45 ====

Y como sigue el problema ?

Leosolari.

Desde hace unos dias no volvieron a aparecer, quizá el problema se ha resuelto ya pero no podria decirtelo con seguridad; si te parece esperamos unos dias y si vuelven te aviso de nuevo y si no te digo nada quiere decir que has resuelto el problema. Me podrias decir que es lo que has detectado que pudiera producir esos pup’s?.

Muchas gracias por tu intervención extensible a todo el equipo que ayudáis a tanta gente.

Un saludo cordial.

Hola

El problema eran extensiones y/o Plugin de los navegadores.

Descargá la herramienta Delfix a Tu escritorio.

Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run

Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.

Nos comentas como sigue …

Saludos

Aqui te envio el informe de Delfix

# DelFix v1.013 - Logfile created 20/08/2019 at 16:06:41
# Updated 17/04/2016 by Xplode
# Username : Usuario - USUARIO-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner

########## - EOF - ##########

Saludos. Una vez más gracias por todo.

Hola

Para cualquier otro problema, no dudes en volver a postear. Ya sabes dónde estamos.

Tema Solucionado

Saludos