Eliminar Segurazo

Hola que tal? Instale un programa y se instalo segurazo sin mi consentimiento. Ahora trato de eliminarlo y no puedo … Que puedo hacer para borrarlo definitivamente?

Hola @manuelmdp1988

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

  • Lo ejecutas siguiendo los pasos de su Manual.
  • Realizas un Análisis de Amenazas
  • Revisa especialmente como salvar el reporte.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

Hola SanMar , gracias por tu pronta respuesta.

A continuación pego los reportes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/1/20
Hora del análisis: 14:50
Archivo de registro: 80a3b8e0-37bf-11ea-bbaf-00ff6014f168.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.793
Versión del paquete de actualización: 1.0.17764
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Usuario-PC\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Cancelado
Objetos analizados: 0
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 28 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

´´´´


# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-15-2020
# Duration: 00:01:17
# OS:       Windows 7 Ultimate
# Scanned:  35232
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [100575 octets] - [17/10/2019 22:18:04]
AdwCleaner[S00].txt - [2428 octets] - [17/10/2019 22:18:44]
AdwCleaner[C00].txt - [2435 octets] - [17/10/2019 22:19:02]
AdwCleaner[S01].txt - [1514 octets] - [18/10/2019 12:04:28]
AdwCleaner[S02].txt - [1575 octets] - [19/10/2019 18:38:10]
AdwCleaner[S03].txt - [1636 octets] - [26/10/2019 17:43:35]
AdwCleaner[C03].txt - [1824 octets] - [26/10/2019 17:44:02]
AdwCleaner[S04].txt - [1758 octets] - [30/10/2019 15:43:14]
AdwCleaner[S05].txt - [1819 octets] - [03/11/2019 12:09:42]
AdwCleaner[S06].txt - [1880 octets] - [16/11/2019 17:32:46]
AdwCleaner[C06].txt - [2068 octets] - [16/11/2019 17:33:38]
AdwCleaner[S07].txt - [2002 octets] - [20/11/2019 16:13:58]
AdwCleaner[S08].txt - [2063 octets] - [14/12/2019 20:27:25]
AdwCleaner[C08].txt - [2251 octets] - [14/12/2019 20:27:53]
AdwCleaner[S09].txt - [2186 octets] - [14/12/2019 20:52:15]
AdwCleaner[S10].txt - [2956 octets] - [11/01/2020 14:08:43]
AdwCleaner[C10].txt - [2939 octets] - [11/01/2020 14:10:24]
AdwCleaner[S11].txt - [2888 octets] - [11/01/2020 14:24:36]
AdwCleaner[C11].txt - [2908 octets] - [11/01/2020 14:24:57]
AdwCleaner[S12].txt - [3010 octets] - [11/01/2020 14:30:04]
AdwCleaner[C12].txt - [3030 octets] - [11/01/2020 16:18:42]
AdwCleaner[S13].txt - [2706 octets] - [13/01/2020 16:06:48]
AdwCleaner[C13].txt - [2856 octets] - [13/01/2020 16:07:21]
AdwCleaner[S14].txt - [2735 octets] - [15/01/2020 07:31:40]
AdwCleaner[C14].txt - [2923 octets] - [15/01/2020 07:32:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S15].txt ##########

´´´´

~ ZHPCleaner v2020.1.12.169 by Nicolas Coolman (2020/01/12)
~ Run by Usuario (Administrator)  (15/01/2020 15:09:48)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Usuario\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (31)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (60)
ENCONTRADOS carpeta: C:\Windows\Installer\wix{B6DCCCD3-520D-4485-B642-FCC136CE12C3}.SchedServiceConfig.rmi    =>.SUP.Empty
ENCONTRADOS carpeta: C:\Windows\Installer\MSI29A5.tmp    =>.SUP.MSIInstaller
ENCONTRADOS carpeta: C:\Windows\Installer\MSID259.tmp    =>.SUP.MSIInstaller
ENCONTRADOS carpeta: C:\Windows\Installer\MSIDAF6.tmp    =>.SUP.MSIInstaller
ENCONTRADOS carpeta: C:\Windows\Installer\MSIECD9.tmp    =>.SUP.MSIInstaller
ENCONTRADOS carpeta: C:\Windows\Installer\10d0617.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\11bcdc.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\147a765.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1507dcd.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\161c5d.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\17233f.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1789bf.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\17cafe.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\185a25.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\18c7869.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\19f234e.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1a3432e.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1c25852.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1e2cdf.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\1e5f00.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\24cf920.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\30cea9e.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\3636f6.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\3ce15ce.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\956b1.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\9fa9f.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\a3ad1.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\a5075.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\a51d6.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\c173f.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\c2a4e.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\c453b.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\c84be.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\ccde60.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\cd08b0.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\cfe21a.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\d1a2fa.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\d3e17.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\e1a46.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\f2ceb.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Windows\Installer\f64a0.msp    =>.SUP.Obsolete.Adobe
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\CUsersUsuarioAppDataLocalProgramsOpera66.0.3515.27opera_autoupdate.download.lock    =>.SUP.Temporary.Opera
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\CUsersUsuarioAppDataLocalProgramsOpera66.0.3515.27opera_autoupdate.metrics.lock    =>.SUP.Temporary.Opera
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\PCW9EFD.tmp    =>.SUP.Temporary.Empty
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF0360940FF1597860.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF09A6DBB680072DEF.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF1257A80378FEA7FB.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF263980A51A108B6A.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF43A6A7CE2F5C8DF8.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF56CDFF90EA860F9F.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF5E77F8534181DD29.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DF7CAC2D98C3A6B0E3.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFABB0C2C394B1C2C9.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFAE3612F2FA87940C.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFCCC6CC7887DB7F15.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFE5FB8685C3AC5FEB.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFEC6351881950B4CF.TMP    =>.SUP.Temporary.Other
ENCONTRADOS carpeta: C:\Users\Usuario\AppData\Local\Temp\~DFFB28A8D196F222E0.TMP    =>.SUP.Temporary.Other
ENCONTRADOS archivo: C:\Windows\Installer\MSI4FD5.tmp-  =>.SUP.Empty
ENCONTRADOS archivo: C:\Windows\Installer\MSIFC58.tmp-  =>.SUP.Empty


---\\  Registro ( Claves, Valores, Datos) (33)
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\CCleaner\CCleaner64.exe [CCleaner]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\sXe Injected\Injected.exe [Injected Client - Anticheat System]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\JRT.exe [Junkware Removal Tool]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [Galería de fotos]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows Photo Viewer\PhotoViewer.dll [Visualizador de fotos de Windows]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Firefox]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe [Movie Maker]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Media Player\wmplayer.exe [Reproductor de Windows Media]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Internet Explorer\iexplore.exe [Internet Explorer]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Downloads\JUEGOS\GTA SA\GTA San Andreas - DeynerTutoriales\gta_sa.exe [gta_sa]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\StarBurn Software\StarBurn\Wizards\StarBurn.exe [StarBurn]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [Malwarebytes]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [DAEMON Tools Lite]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [Adobe Acrobat Reader DC ]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\ImgBurn\ImgBurn.exe [ImgBurn - The Ultimate Image Burner!]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE [Word (escritorio)]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Windows NT\Accessories\WORDPAD.EXE [WordPad]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll [Visualizador de fotos de Windows]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Downloads\JUEGOS\NEED FOR SPEED\Need for Speed Most Wanted\Speed.exe [Speed]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE [Excel (escritorio)]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Office15\MSPUB.EXE [Publisher (escritorio)]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Downloads\JUEGOS\GTA SA\Carpeta User Files Para GTA San By_loquenderoarellano\gta_sa.exe [gta_sa]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\WinRAR\WinRAR.exe [WinRAR archiver]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe [Kaspersky Secure Connection]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Image-Line\FL Studio 20\FL64.exe [FL Studio]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\FRST64.exe [Farbar Recovery Scan Tool]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\delfix.exe [Removal tools cleaner]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\hwmonitor_1.28.exe [CPUID HWMonitor Setup                             ]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Valve\hl.exe [Half-Life Launcher]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\adwcleaner_8.0.1.exe [AdwCleaner]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner.exe [ZHPCleaner]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [Opera Internet Browser]  =>.SUP.Orphan.MUICache
ENCONTRADOS valor: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Usuario\Desktop\ZHPCleaner.exe [ZHPCleaner]  =>.SUP.Orphan.MUICache


---\\  Resumen de elementos en su estación de trabajo (7)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.MSIInstaller
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Obsolete.Adobe
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Opera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Orphan.MUICache


---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ Mozilla Firefox OK
~ Internet Explorer OK
~ Opera OK


---\\ STATISTIQUES
~ Items escaneado : 86606
~ Items encontrado : 126
~ artículos cancelados : 0
~ Items opciones : 15/15
~ Ahorro de espacio (bytes) : 140288


~ End of search in 00h10mn20s

---\\  Reporte (5)
ZHPCleaner-[R]-13012020-17_45_20.txt
ZHPCleaner-[S]-13012020-17_21_32.txt
ZHPCleaner-[S]-13012020-17_40_39.txt
ZHPCleaner-[S]-15012020-08_02_48.txt
ZHPCleaner-[S]-15012020-15_20_08.txt

Hola @manuelmdp1988

Comenta cual fue el programa que instalaste?


Luego realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Sino me equivoco segurazo se instalo después de instalar el juego counter strike.

Copio los informes a continuación:

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-01-2020
Ejecutado por Usuario (15-01-2020 21:22:55)
Ejecutado desde C:\Users\Usuario\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-09-17 14:02:07)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3306104381-707099750-1311680531-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3306104381-707099750-1311680531-1003 - Limited - Enabled)
Invitado (S-1-5-21-3306104381-707099750-1311680531-501 - Limited - Enabled) => C:\Users\Invitado
Usuario (S-1-5-21-3306104381-707099750-1311680531-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

4K Stogram 1.9 (HKLM-x32\...\4K Stogram_is1) (Version: 1.9.5.964 - Open Media LLC)
Actualización de NVIDIA 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Cstrike 1.6 No Steam v23B - Marzo 2009 (HKLM-x32\...\Cstrike 1.6 No Steam) (Version: v23B - Marzo 2009 - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 72.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 72.0.1 (x64 es-ES)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Controlador de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
Opera Stable 66.0.3515.27 (HKU\S-1-5-21-3306104381-707099750-1311680531-1000\...\Opera 66.0.3515.27) (Version: 66.0.3515.27 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7443 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
StarBurn Version 15.7 (Build 0x20170407) (HKLM-x32\...\StarBurn_is1) (Version: 15.7 - StarBurn Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.8.0.0 - Alejandro Cortés)
sXe Injected 15.9 (HKLM-x32\...\sXe Injected 15.9) (Version: 15.9 - By SantaCS)
Unity Web Player (HKU\S-1-5-21-3306104381-707099750-1311680531-1000\...\UnityWebPlayer) (Version: 5.3.0f4 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{D8C21FB1-47FD-4CCA-8579-E8EB7FA380B2}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-01-29] (Intel Corporation) [Archivo no firmado]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2005-09-29 22:47 - 2005-09-29 22:47 - 000225280 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\core.dll
2005-06-28 02:05 - 2005-06-28 02:05 - 001572928 _____ () [Archivo no firmado] c:\program files (x86)\valve\cstrike\cl_dlls\GameUI.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000069632 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\dbg.dll
2005-09-29 22:42 - 2005-09-29 22:42 - 000090112 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\demoplayer.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000118873 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\filesystem_stdio.dll
2005-09-29 22:42 - 2005-09-29 22:42 - 000125952 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\Mp3dec.asi
2005-09-29 22:47 - 2005-09-29 22:47 - 000351744 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\mss32.dll
2005-09-29 22:42 - 2005-09-29 22:42 - 000142848 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\Mssv12.asi
2005-09-29 22:42 - 2005-09-29 22:42 - 000161792 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\Mssv29.asi
2005-09-29 22:46 - 2005-09-29 22:46 - 000155721 _____ () [Archivo no firmado] c:\program files (x86)\valve\platform\Friends\TrackerNET.dll
2005-09-29 22:46 - 2005-09-29 22:46 - 000573515 _____ () [Archivo no firmado] c:\program files (x86)\valve\platform\Friends\trackerUI.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 001138774 _____ () [Archivo no firmado] c:\program files (x86)\valve\platform\Servers\serverbrowser.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000397312 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\steamclient.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000217088 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\tier0_s.dll
2005-08-09 13:45 - 2005-08-09 13:45 - 000081920 _____ () [Archivo no firmado] c:\program files (x86)\valve\valve\cl_dlls\particleman.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000352256 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\vgui.dll
2005-10-04 19:54 - 2005-10-04 19:54 - 000258114 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\vgui2.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000139264 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\voice_speex.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 000204800 _____ () [Archivo no firmado] C:\Program Files (x86)\Valve\vstdlib_s.dll
2015-09-19 11:16 - 2015-11-12 15:37 - 001579288 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2005-09-29 22:47 - 2005-09-29 22:47 - 003649536 _____ (Valve Corporation) [Archivo no firmado] C:\Program Files (x86)\Valve\Steam.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3306104381-707099750-1311680531-1000\...\amazon.com -> hxxps://amazon.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2019-01-04 09:41 - 000001006 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3306104381-707099750-1311680531-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3306104381-707099750-1311680531-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Invitado\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WinRM => 3
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Usuario\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{9FE86B11-2939-478F-BC82-A3F7D6036587}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB82B873-6976-40F8-9C5D-3EFCA5FA0227}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6966FB5A-4C30-402A-951C-108D61A38EFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19E0919C-C770-46B6-965C-35AD94DD5C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4C4EC45-9A77-478A-9639-B91DD89B2A43}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAAD3278-7698-4776-BDF5-04D866B0B5B5}] => (Allow) LPort=1688
FirewallRules: [{53F53333-B113-4D78-9AFA-37FFC96D5D29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{94971DA0-F639-4451-A303-6D125F9E8CA8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EDE402F7-D4F0-4992-9407-B0A4AD27CC1C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E174EAD7-A3F2-446F-ADF3-ADD2952EF227}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B373664-DBE4-4A50-83FB-4B3FAA4D580D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D1EC6EDD-4ADA-44FB-9E8C-7C145A845D64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC4D0866-6DD6-412E-A339-D5987967BD8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B953F46-C6F3-42E6-B38A-D898094F317D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4157DD4-C929-48A4-B02B-3938B8BB84EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A2ED57B8-7B14-4AF2-9935-E40B6873AE10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E349C7AB-C779-478D-B15B-61339EF58B47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{11FAE026-508F-4399-BD89-EF3EC5EDA693}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2319B8B8-7021-421E-83E0-178975C0885E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BED4D4C5-9A5D-4542-9110-29C7C91E2DA3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4C66E47-6548-492B-963F-D3FFB2FB01BD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4A01D04-06BB-4080-A635-D9EF6F41EDC1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7988B273-0FD4-4F84-81C1-D2F1806DB6AB}] => (Allow) LPort=2869
FirewallRules: [{3C3ABEEE-4AD4-46D3-895B-5BE160B56457}] => (Allow) LPort=1900
FirewallRules: [{48C72BB2-1A84-4948-8F49-21E8F9BE281A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EB76EEF7-F918-4550-9965-3DB72AF98968}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Puntos de Restauración =========================

31-12-2019 19:28:50 Windows Update
01-01-2020 15:29:54 Windows Update
02-01-2020 13:34:43 Windows Update
02-01-2020 13:48:39 Windows Update
02-01-2020 14:33:10 Windows Update
06-01-2020 00:13:41 Windows Update
06-01-2020 18:55:51 Windows Update
06-01-2020 22:30:05 Windows Update
07-01-2020 08:17:37 JRT Pre-Junkware Removal
11-01-2020 14:00:40 JRT Pre-Junkware Removal
12-01-2020 08:09:34 JRT Pre-Junkware Removal
13-01-2020 11:29:11 Windows Update
13-01-2020 15:59:26 JRT Pre-Junkware Removal
15-01-2020 07:28:03 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/15/2020 09:12:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 09:03:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 08:58:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 07:02:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 02:51:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.473, marca de tiempo: 0x5df16265
Nombre del módulo con errores: Qt5Core.dll, versión: 5.13.2.0, marca de tiempo: 0x5dcd608c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000020d435
Id. del proceso con errores: 0x1188
Hora de inicio de la aplicación con errores: 0x01d5cbcc62a1cee0
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Id. del informe: a3f83780-37bf-11ea-82c0-1c6f65fdca59

Error: (01/15/2020 12:38:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 11:30:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/15/2020 08:37:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa hl.exe, versión 1.1.1.1, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 8a8

Hora de inicio: 01d5cb9390715860

Hora de finalización: 454

Ruta de acceso de la aplicación: C:\Program Files (x86)\Valve\hl.exe

Identificador de informe: 59e2a1a1-378b-11ea-89eb-1c6f65fdca59


Errores del sistema:
=============
Error: (01/15/2020 09:11:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/15/2020 09:11:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (01/15/2020 09:02:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/15/2020 09:02:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (01/15/2020 08:57:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/15/2020 08:57:00 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (01/15/2020 07:01:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (01/15/2020 07:01:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.


Windows Defender:
===================================
Date: 2016-02-08 15:50:14.206
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{6B372608-57DD-4841-B910-E8ED0F7A6670}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:Usuario-PC\Usuario

==================== Información de la memoria =========================== 

BIOS: Award Software International, Inc. F1 12/24/2010
Placa base: Gigabyte Technology Co., Ltd. M68MT-S2P
Procesador: AMD Athlon(tm) II X2 250 Processor
Porcentaje de memoria en uso: 44%
RAM física total: 7934.46 MB
RAM física disponible: 4378.67 MB
Virtual total: 15867.07 MB
Virtual disponible: 12144.29 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:335.41 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]


==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 6B64BDA2)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Separo los reportes pues sino me es imposible leerlos correctamente:

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-01-2020
Ejecutado por Usuario (administrador) sobre USUARIO-PC (Gigabyte Technology Co., Ltd. M68MT-S2P) (15-01-2020 21:21:23)
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario & Invitado (Perfiles disponibles: Usuario & Invitado)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Opera)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALEJANDRO CORTES -> Developed by Alejandro Cortés) C:\Program Files (x86)\sXe Injected\Injected.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(NVIDIA Corporation -> NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve) [Archivo no firmado] C:\Program Files (x86)\Valve\hl.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1828160 2015-11-12] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {012E6190-AAF3-48F9-9C34-51698254F245} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1A2DA23F-1551-41EE-9F8A-E81A06B623AE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-12] (Adobe Inc. -> Adobe)
Task: {1C25A539-5266-4E5A-9881-C601708ED6B0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {20C1FBCB-2E70-4211-8B10-F526ECFF5576} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
Task: {2E5DDD75-0039-4121-9CF0-638FB2FE3BAA} - System32\Tasks\{91152070-F5CA-47B1-921A-607F7CAF174A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Vivid Games S.A\Real Boxing\Binaries\UnSetup.exe" -d "C:\Program Files (x86)\Vivid Games S.A\Real Boxing\Binaries"
Task: {344506C2-3BFF-43E8-8C11-324472E1D1D3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {36F69AEB-E4F5-443A-A02F-E31906603554} - System32\Tasks\{B5D2A572-BA8E-4EAC-90D3-9E75A30963FB} => C:\Program Files (x86)\Vivid Games S.A\Real Boxing\Binaries\RBLauncher.exe
Task: {432A588B-D5C2-4F6E-A6D1-2C0C007E20A9} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {4EBC23CA-27B2-4E3D-ABF2-AB8BD48E5850} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {6E2FA0BE-9956-4E0D-BFD0-928A81F6375E} - System32\Tasks\{3EF018CA-8414-4E95-8854-4E7751D9DA08} => C:\Windows\system32\pcalua.exe -a "C:\Users\Usuario\Downloads\REAL BOX BY ELSIGAMER\BOX\Real Boxing\Binaries\UnSetup.exe" -d "C:\Users\Usuario\Downloads\REAL BOX BY ELSIGAMER\BOX\Real Boxing\Binaries"
Task: {7DAF3065-C7CE-46DB-9599-E922C342B014} - System32\Tasks\{B9CE5DBA-89A4-4350-9235-8212B459D588} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\jxpiinstall.exe -d C:\Users\Usuario\Desktop
Task: {807A7815-EF7B-4347-9005-B128F8794AF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {9CADA76F-2F92-45E9-B5DD-4F70EE94659F} - System32\Tasks\{6C73865A-1675-4443-90FF-258C49BC9AEC} => C:\Windows\system32\pcalua.exe -a C:\Users\Usuario\Desktop\cs16_no_steam\CS1.6_v2.5.exe -d C:\Users\Usuario\Desktop\cs16_no_steam
Task: {A2670295-463B-4493-9C2F-50DB77759A1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {C641031D-40DA-44CA-97BC-88329F444F8F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {E01A929D-E4C9-4AFE-A972-E0BF8499FB52} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {EC24ED28-00BC-4751-B3D5-3E6D7CBB9BE8} - System32\Tasks\Opera scheduled Autoupdate 1578928751 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [1532440 2020-01-07] (Opera Software AS -> Opera Software)
Task: {F1D1C2A9-D958-4FA1-B70C-C1FE91EBB7B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDED454D-8810-41C8-9F90-069A7845DD06} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 208.67.222.222
Tcpip\..\Interfaces\{1519E0FC-59F5-4494-BC5F-5187159D9F1B}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{20106B69-3646-4318-AD83-46A05B1A1073}: [DhcpNameServer] 8.8.8.8 208.67.222.222

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3306104381-707099750-1311680531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3306104381-707099750-1311680531-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3306104381-707099750-1311680531-1000 -> {67E03EC4-A202-481F-B8B2-2B643DA348CD} URL = hxxps://ar.search.yahoo.com/search?p={searchTerms}&intl=ar&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2020-01-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: du2qzntn.default
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\du2qzntn.default [2020-01-15]
FF DownloadDir: C:\Users\Usuario\Desktop
FF NewTab: Mozilla\Firefox\Profiles\du2qzntn.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\du2qzntn.default -> Enabled: {24436206-088d-4a1a-8d0e-cf93ca7a2d23}
FF Extension: (Telemetry coverage) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\du2qzntn.default\features\{26bb164c-45b6-456f-be01-b10128a362dc}\[email protected] [2018-10-31] [Heredado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-10-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-01-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-01-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3306104381-707099750-1311680531-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Usuario\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies SF -> Unity Technologies ApS)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-06-24] <==== ATENCIÓN (Apunta a archivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-06-24] <==== ATENCIÓN

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA Corporation -> NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2673664 2010-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5363200 2014-01-29] (Intel Corporation) [Archivo no firmado]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72016 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122488 2019-08-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [86656 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [217216 2019-08-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1093240 2019-08-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1123456 2019-08-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56144 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [56656 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [57464 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [49280 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [177280 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [201552 2019-06-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corporation -> NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2018-05-03] (Disc Soft Ltd -> Duplex Secure Ltd.)
R1 StarPortLite; C:\Windows\System32\DRIVERS\StarPortLite.sys [120704 2013-02-04] (StarWind Software Inc -> StarWind Software)
U3 agyxkxai; C:\Windows\System32\Drivers\agyxkxai.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATENCIÓN (cero bytes Archivo/Carpeta)
S3 AndnetBus; system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-15 21:21 - 2020-01-15 21:22 - 000025427 _____ C:\Users\Usuario\Desktop\FRST.txt
2020-01-15 21:21 - 2020-01-15 21:21 - 000000000 ____D C:\Users\Usuario\Desktop\FRST-OlderVersion
2020-01-15 14:58 - 2020-01-15 14:58 - 003329408 _____ (Nicolas Coolman) C:\Users\Usuario\Desktop\ZHPCleaner.exe
2020-01-15 14:53 - 2020-01-15 14:53 - 000002857 _____ C:\Users\Usuario\Desktop\AdwCleaner[S15].txt
2020-01-15 14:51 - 2020-01-15 14:51 - 000001534 _____ C:\Users\Usuario\Desktop\malwarebytes1.txt
2020-01-15 14:49 - 2020-01-15 14:49 - 000001540 _____ C:\malwarebytes.txt
2020-01-15 13:59 - 2020-01-15 13:59 - 000000000 ____D C:\Users\Usuario\Downloads\neo
2020-01-15 13:58 - 2020-01-15 13:58 - 000002787 _____ C:\Users\Usuario\Downloads\neo.rar
2020-01-15 13:52 - 2020-01-15 13:52 - 000000000 ____D C:\Users\Usuario\Downloads\markeloff
2020-01-15 13:51 - 2020-01-15 13:51 - 000002893 _____ C:\Users\Usuario\Downloads\markeloff.rar
2020-01-15 13:21 - 2020-01-15 13:21 - 000000000 ____D C:\Users\Usuario\Downloads\HeatoN
2020-01-15 13:17 - 2020-01-15 13:17 - 000001380 _____ C:\Users\Usuario\Downloads\HeatoN.rar
2020-01-15 08:04 - 2020-01-15 08:04 - 000000016 _____ C:\ProgramData\mntemp
2020-01-13 17:21 - 2020-01-15 15:20 - 000014294 _____ C:\Users\Usuario\Desktop\ZHPCleaner (S).txt
2020-01-13 17:11 - 2020-01-15 15:54 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ZHP
2020-01-13 17:11 - 2020-01-15 14:54 - 000000834 _____ C:\Users\Usuario\Desktop\ZHPCleaner.lnk
2020-01-13 17:11 - 2020-01-13 17:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\ZHP
2020-01-13 17:01 - 2020-01-13 17:01 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-13 17:01 - 2020-01-13 17:01 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-13 17:01 - 2020-01-13 17:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\cache
2020-01-13 16:44 - 2020-01-13 16:44 - 004104758 _____ C:\Users\Usuario\Downloads\4530734.csv
2020-01-13 16:31 - 2020-01-13 16:31 - 000000000 ____D C:\Program Files (x86)\ESET
2020-01-13 12:19 - 2020-01-13 12:19 - 000004090 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1578928751
2020-01-13 12:19 - 2020-01-13 12:19 - 000001324 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-01-13 11:41 - 2020-01-13 11:41 - 000129080 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-01-13 11:40 - 2020-01-13 11:40 - 000000000 ____D C:\Program Files\Java
2020-01-11 16:21 - 2020-01-11 16:21 - 000000000 ____D C:\Windows\SysWOW64\%Data%
2020-01-11 14:27 - 2020-01-13 11:09 - 000000000 ____D C:\Temp
2020-01-11 14:06 - 2020-01-11 14:06 - 008237744 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.0.1.exe
2020-01-11 13:58 - 2020-01-11 13:58 - 000001035 _____ C:\Users\Usuario\Desktop\Injected Anti-cheat.lnk
2020-01-11 13:47 - 2020-01-11 13:47 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\4331ac271bf9c5175ca57e3bf9f5c77c
2020-01-11 13:32 - 2020-01-11 13:32 - 000002000 _____ C:\Users\Usuario\Desktop\Counter Strike.lnk
2020-01-07 11:24 - 2020-01-07 11:24 - 000003192 _____ C:\Windows\system32\Tasks\{6C73865A-1675-4443-90FF-258C49BC9AEC}

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-15 21:22 - 2019-10-27 02:16 - 000000000 ____D C:\FRST
2020-01-15 21:21 - 2019-10-27 02:10 - 002573312 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2020-01-15 21:13 - 2019-06-24 19:19 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-01-15 21:13 - 2016-08-05 16:58 - 000000000 ____D C:\Program Files (x86)\sXe Injected
2020-01-15 21:10 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-15 21:07 - 2009-07-14 01:45 - 000023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-15 21:07 - 2009-07-14 01:45 - 000023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-15 14:16 - 2019-11-07 19:05 - 000000000 ____D C:\Users\Usuario\Desktop\Nueva carpeta (2)
2020-01-15 13:59 - 2019-12-14 23:09 - 000000000 ____D C:\Program Files (x86)\Valve
2020-01-15 13:21 - 2017-04-15 14:37 - 001217024 ___SH C:\Users\Usuario\Downloads\Thumbs.db
2020-01-15 08:37 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-01-14 23:17 - 2019-11-20 15:42 - 000003386 _____ C:\Users\Usuario\Desktop\Nuevo documento de texto.txt
2020-01-14 21:42 - 2019-08-30 14:53 - 000003994 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E059EABC-E287-4913-8534-575568C6E4FE}
2020-01-14 00:23 - 2016-11-18 19:44 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2020-01-13 17:45 - 2016-01-12 22:08 - 000000000 ____D C:\Program Files (x86)\QuickTime
2020-01-13 17:00 - 2017-10-23 04:33 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-13 16:08 - 2017-06-29 22:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-13 16:08 - 2014-03-30 20:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-13 11:47 - 2014-03-30 20:14 - 000000000 ____D C:\ProgramData\Mozilla
2020-01-13 11:42 - 2015-09-17 12:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2020-01-13 11:41 - 2017-02-06 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-13 11:31 - 2015-11-21 17:30 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-13 11:30 - 2018-03-14 18:28 - 000004500 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-13 11:28 - 2015-09-28 20:46 - 000003336 _____ C:\Windows\system32\Tasks\{3EF018CA-8414-4E95-8854-4E7751D9DA08}
2020-01-13 11:28 - 2015-09-28 19:12 - 000003280 _____ C:\Windows\system32\Tasks\{91152070-F5CA-47B1-921A-607F7CAF174A}
2020-01-12 18:46 - 2010-11-21 04:09 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2020-01-12 18:46 - 2010-11-21 04:09 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2020-01-12 18:46 - 2009-07-14 02:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-11 14:11 - 2009-07-14 02:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-11 13:32 - 2019-12-14 23:12 - 000002000 _____ C:\Users\Invitado\Desktop\Counter Strike.lnk
2019-12-24 17:32 - 2016-04-06 10:27 - 000000000 ____D C:\Users\Invitado
2019-12-19 12:08 - 2015-09-17 12:03 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Archivos en la raíz de algunos directorios ========

2020-01-11 13:45 - 2020-01-11 13:43 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe
2015-09-28 19:06 - 2015-09-28 19:06 - 000000017 _____ () C:\Users\Usuario\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-01-08 13:35
==================== Final de FRST.txt ========================

Hola @manuelmdp1988

Me parecía extraño que Malwarebytes no te hubiera detectado nada, reanalizando el tema veo:

-Resumen del análisis- Tipo de análisis: Análisis de amenazas Análisis iniciado por:: Manual Resultado: Cancelado Objetos analizados: 0 Amenazas detectadas: 0 Amenazas en cuarentena: 0 Tiempo transcurrido: 0 min, 28 seg

Cancelaste el análisis del programa Malwarebytes, debes volver a ejecutarlo y realizar los pasos tal el Manual que te deje, eliminando todo lo que te detecte.

Nos traes el nuevo reporte.

Salu2