Instalación de firewall y ralentización de pc

pepitogrillo · 18 Junio, 2021 14:25

Por si te sirve y alternativamente puedes probar la herramienta de ESET AVRemover que según su lista de programas que logra desinstalar contempla a ZoneAlarm en distintas versiones :

https://support.eset.com/en/kb3527-eset-av-removerlist-of-removable-applications-and-instructions-to-run-the-tool#removable

Descargar ESET AVRemover versión de 64-bit

o

Descargar ESET AVRemover versión de 32-bit

Suerte.

Kato · 18 Junio, 2021 14:29

Muchas gracias, lo probaré ahora.

Kato · 18 Junio, 2021 14:34

Nada, lo acabo de probar y solo me detecta el malwarebytes, del ZoneAlarm ni rastro.

pepitogrillo · 18 Junio, 2021 14:38

¿Lo has vuelto primero a instalar.?

Kato · 18 Junio, 2021 14:38

No, ahora lo hago y te digo.

pepitogrillo · 18 Junio, 2021 14:41

De acuerdo, y otra herramienta que puedes intentar usar es el antiguo desinstalador de ZoneAlarm que existe al final de esta pagina, aunque NO sé que tal actuara/funcionara con versiones nuevas de ZoneAlarm :

Kato · 18 Junio, 2021 15:47

Ya está desinstalado! Al principio ejecuté el Eset AvRemover pero le daba error al intentar quitar el Zone Alarm. Después he ejecutado el clean.exe y después de que acabara me pidió reiniciar y he revisado los archivos y ni rastro y más de lo mismo en el administrador de tareas. Gracias por ayudarme!

pepitogrillo · 18 Junio, 2021 16:06

Excelente.

En conclusión, que el que te ayudo a realizar la desinstalación fue el CLEAN.exe especifico del propio ZONEALARM.

Y que versión de ZONEALARM habías tenido instalada en concreto, lo pregunto para tenerlo en cuenta ya que esa herramienta especifica hacia mucho que NO se actualizaba por parte de Zonealarm.

Saludos.

Kato · 18 Junio, 2021 16:47

Hola, tenía instalada digo yo que la versión más reciente de ZoneAlarm puesto que la descargué hace 2 días. De todas formas mi ordenador ya ha recuperado su velocidad original, era esa aplicación que baja mucho el rendimiento del ordenador (no sé si solo me pasa a mí pero si le pasa a más gente tienen que estar perdiendo clientes por este problema de rendimiento).

Marr0n · 19 Junio, 2021 00:31

Hola, buenos chicos disculpad mi intromisión en el tema. Con el permiso de @Kato, @Pablo, @nworder y @pepitogrillo.

Todo y que en principio parece que se ha conseguido desinstalar correctamente ZoneAlarm ya que finalmente se ha tenido que recurrir al uso de su herramienta especializada CLEAN.EXE. Podría llegar a darse el caso de que quedasen pequeños restos o algún residuo de este programa. Todo y que como bien comentas @Kato:

La máquina ya funciona con su rendimiento anterior. Haremos dicha comprobación para asegurar que está limpio de restos.

DESCARTAR RESTOS ZoneAlarm

Reinicias el ordenador en Modo Normal.
Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.
Descargas SystemLook_32_bits o SystemLook_64_bits en tu escritorio en función de la arquitectura de tu sistema operativo.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

Copias y pegas los códigos/líneas que están en el interior del recuadro de más abajo, dentro de la propia ventana del programa y pulsas en Look.

:filefind  
*ZoneAlarm*
*vsmon*
*Vsdatant*
*ZAPrivacyService*
*ZASP*
            
:regfind  
zonealarm
Zonealarm
zoneAlarm
ZoneAlarm

:folderfind
*ZoneAlarm*
*CheckPoint*

:service
vsmon
Vsdatant
ZAPrivacyService

El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Esperas a que finalice la búsqueda de posibles restos del programa en cuestión. Puede tardar un buen rato así que lo dejas hasta que finalice.
Cuando finalice, en el ESCRITORIO se creará el fichero llamado SystemLook.txt lo traes en tu próxima respuesta.
Activas nuevamente tu antivirus y cualquier programa de seguridad que tuvieses activado.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Kato · 19 Junio, 2021 09:54

Buenas aquí te mando el archivo que me ha generado.

SystemLook 30.07.11 by jpshortstuff
Log created at 11:49 on 19/06/2021 by Kato
Administrator - Elevation successful

========== filefind ==========

Searching for "*ZoneAlarm*"

Kato · 20 Junio, 2021 10:22

Perdón por el anterior mensaje, no esperé a que terminara de buscar los archivos residuales, aquí te envío el log bueno.

SystemLook 30.07.11 by jpshortstuff
Log created at 12:07 on 20/06/2021 by Kato
Administrator - Elevation successful

========== filefind ==========

Searching for "*ZoneAlarm*"
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk	--a---- 1343 bytes	[16:53 16/06/2021]	[16:53 16/06/2021] 303BA44263AA112CE05FE6C4E7C59516
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm\ZoneAlarm Registros.lnk	--a---- 829 bytes	[16:53 16/06/2021]	[16:53 16/06/2021] 6B13D7140995BA5DCFBCA86AF36B1945
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo\990.75.7_0\nt\img\zonealarm-logo.svg	--a---- 6314 bytes	[16:54 16/06/2021]	[20:13 01/06/2020] 7DB07C3F0A084AC0B9DE179255F62995
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo\990.75.7_0\nt\img\zonealarm.ico	--a---- 1150 bytes	[16:54 16/06/2021]	[20:13 01/06/2020] F28D7BF5B6A24A8F08D32A6FADE5A44C
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] 3B6A6056910488C2F2D94B954B66C6F9
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] AF1D16A6F6586A09CF2C3349F05DA49B
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] AF1D16A6F6586A09CF2C3349F05DA49B
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel	--a---- 29892 bytes	[15:14 17/06/2021]	[15:14 17/06/2021] B51E127FCCF67277EB6B1D3F14264403
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip	--a---- 80332 bytes	[15:26 18/06/2021]	[15:27 18/06/2021] DCAE8AE73E3C3CEF3BD0A69024916D38

Searching for "*vsmon*"
No files found.

Searching for "*Vsdatant*"
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat	------- 8269 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] 657E92FDF63DDC7768F2F7BA58430A17
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	------- 3880 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] 20F539CE9007934EA2165215215CADDD
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys	------- 461240 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] B0395671CD4A1B046BC7269A37C8E089

Searching for "*ZAPrivacyService*"
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	--a---- 1367 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] ECA16C0EFD8DDA378BC3A68A22A74650
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	--a---- 998 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] 07E079DFAF071909A14867FB47E36FB6

Searching for "*ZASP*"
No files found.

Searching for "            "
No files found.

========== regfind ==========

Searching for "zonealarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

Searching for "Zonealarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

Searching for "zoneAlarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

Searching for "ZoneAlarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

========== folderfind ==========

Searching for "*ZoneAlarm*"
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm	d------	[16:53 16/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	d------	[15:14 17/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614	d------	[15:16 17/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security	d------	[15:14 17/06/2021]

Searching for "*CheckPoint*"
No folders found.

========== service ==========

vsmon - Unable to open Service Handle.

Vsdatant - Unable to open Service Handle.

ZAPrivacyService - Unable to open Service Handle.

-= EOF =-

Marr0n · 21 Junio, 2021 13:40

Hola, buenas @Kato

Sí, correcto. Te lo iba a decir, pero tu mismo ya te has dado cuenta . Ese log sí que es el correcto.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

Reinicias el ordenador en Modo Normal.
Descargas DelFix en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
C:\Program Files (x86)\CheckPoint
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |DISPLAYNAME
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |PRODUCTEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |REPORTINGEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA |50B2F4DDA5B067C4EAEFC3581E60E475

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente (OJO, en MODO NORMAL):

Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
Cunado finalice, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
Reinicias el ordenador en Modo Normal compruebas durante un rato el funcionamiento de este y comentas como sigue el problema inicialmente planteado.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

Salu2.

Kato · 21 Junio, 2021 15:40

Aquí va el fixlog:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (21-06-2021 17:28:29) Run:1
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
C:\Program Files (x86)\CheckPoint
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |DISPLAYNAME
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |PRODUCTEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |REPORTINGEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA |50B2F4DDA5B067C4EAEFC3581E60E475

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm => movido correctamente
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe => movido correctamente
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel => movido correctamente
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys => movido correctamente
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log => movido correctamente
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456 => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614 => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security => movido correctamente
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point" => no encontrado
"C:\Program Files (x86)\CheckPoint" => no encontrado
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall => eliminado correctamente
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security" => no encontrado
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm => eliminado correctamente
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free" => no encontrado
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security" => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\1" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\2" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service \\Description" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service \\Description" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\1" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\2" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\DISPLAYNAME" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\PRODUCTEXE" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\REPORTINGEXE" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
Error al renovar la interfaz Hamachi: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{E85A024A-5096-4274-8799-6FAD793989A0} canceled.
{A14F89BC-CD18-4B52-8203-73CBEBCA37F4} canceled.
{B40B6FC5-8372-4F5C-800B-D9E156AB65E2} canceled.
3 out of 3 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63994193 B
Java, Flash, Steam htmlcache => 574416156 B
Windows/system/drivers => 50855210 B
Edge => 87761 B
Chrome => 554914392 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 99092 B
NetworkService => 177398 B
Kato => 200066380 B

RecycleBin => 694004038 B
EmptyTemp: => 2 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:33:15 ====

Marr0n · 21 Junio, 2021 15:44

OK.

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST.txt y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

Kato · 21 Junio, 2021 15:59

El frst.txt.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 20-06-2021
Ejecutado por Kato (administrador) sobre DESKTOP-KLCJ84U (Micro-Star International Co., Ltd MS-7B86) (21-06-2021 17:47:14)
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Platform: Windows 10 Pro Versión 2004 19041.1052 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(A-Volute SAS -> A-Volute) C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(Razer USA Ltd. -> Razer) C:\Windows\System32\RZSurroundService.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1263288 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [ZaAntiRansomware] => "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33249248 2021-06-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-18] (Google LLC -> Google LLC)
Startup: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-02-15]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1107FD95-1674-47EF-8890-1C23C61B53BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1884DE9A-711A-4A13-8671-A5E95375B555} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20575B82-DCD7-4773-986B-FE0AECC2CBC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {23540AF3-1A8B-4221-9242-88AC060CFE12} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {299A1A0C-0F4E-4A9B-B08E-AC9A334779A9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32DEDA83-8032-4003-9A37-2CFBAA3BDFCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F50D582-E7D3-4CF6-931A-BBBB0B62A6C9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4FB9F71D-761D-4B73-9CAE-79DE63EF2E95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A7ACFEC-F16D-46CE-9C9B-890705C75662} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6613746E-FE4F-4C4D-AC32-D4767079D1F0} - System32\Tasks\Opera scheduled Autoupdate 1556210451 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe
Task: {6FA4C3B9-56B3-4D11-A0EF-F23C6ED0E92D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {767411EB-45E2-4BA2-A55B-09A0336174AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CED1376-07FB-481B-AC03-1187C2F21296} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FE5C3DC-E12C-4133-A63E-523A0D9FDEF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {93857FD6-22A2-4123-860E-6334CF1E76C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F39D603-A8C4-468A-905F-22F641881E8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5386B2C-158F-4D2A-84BC-CFC96EB7CBE3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACD1F798-2A1B-4A6C-B858-B62BD06C37AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B4D2944E-22CF-44CE-BE08-603D7F668980} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA587BC9-524C-4BE0-A6CA-FBB4279B1BD5} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {BEEC3812-F976-48EB-8CE6-4F342D764175} - System32\Tasks\PCEAC56WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC56 WLAN Card Utilities\WlanMgr.exe
Task: {C207B42D-D566-423B-9783-0A9F94653E8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34A6D8E-A941-45A0-A5A6-FB69F38FC765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFEF923D-9C46-4380-BEA9-0569E5E5A0E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {D1213EB2-0E81-4034-BDEF-2F26B2B8A0E2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1EA8B80-A303-405C-A1C6-03F43E840F8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4B7CD4D-3E36-4BCB-9155-027756FF1CF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {DC456497-91BB-4F6E-91C0-C7EF8515B6B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {EF51945A-D5CF-49C8-9EC5-7DFA72FE38D5} - System32\Tasks\Opera scheduled assistant Autoupdate 1556210454 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kato\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EFCA8F5C-03C5-4B85-BA5F-2685DF724E53} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0FBCE0C-770D-4B67-BDC2-52A203E75A69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F6E25429-CBD8-4593-9519-0A03E887276D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F7263E59-A6CF-46A6-897D-C536222EE5B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{541d6c36-cce2-43fc-a544-deceaf7a6643}: [DhcpNameServer] 192.168.46.242
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{846c7fb7-9d7f-498e-b28d-19c799bd18f7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b0752e0e-5596-4ed5-ac64-200cd47d5898}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{df4dd499-8be6-4291-bec1-b8b3b1f4ba54}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default [2021-06-21]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://nofdpbenickbjghcdhapegiimmdinblo/nt/index.html"
CHR Extension: (Presentaciones) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-11]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Documentos) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-11]
CHR Extension: (Google Drive) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-11]
CHR Extension: (Google Maps) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhkaebcjjhencmpkapnbdaogjamfbcj [2021-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-21]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-21]
CHR HKLM\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM-x32\...\Chrome\Extension: [nofdpbenickbjghcdhapegiimmdinblo]
CHR HKLM-x32\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-29] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Outfox; C:\Program Files\Outfox\OutfoxService.exe [128512 2018-08-14] (Golden Frog, GmbH) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-10] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CPEFR; "C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe" [X]
S2 CpSbaCipolla; "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe" [X]
S2 CpSbaUpdater; "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 RemediationService; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe" [X]
S2 TESvc; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s [X]
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
S2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174728 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 ardrv; \??\C:\Users\Kato\AppData\Local\Temp\ardrv.sys [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-21 17:45 - 2021-06-21 17:48 - 000030700 _____ C:\Users\Kato\Desktop\FRST.txt
2021-06-21 17:28 - 2021-06-21 17:33 - 000030021 _____ C:\Users\Kato\Desktop\Fixlog.txt
2021-06-21 17:26 - 2021-06-21 17:26 - 000000252 _____ C:\Users\Kato\Desktop\DelFix.txt
2021-06-21 17:26 - 2021-06-21 17:26 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-21 17:24 - 2021-06-21 17:24 - 000781312 _____ C:\Users\Kato\Desktop\Delfix_1.013.exe
2021-06-21 17:17 - 2021-06-21 17:47 - 000000000 ____D C:\FRST
2021-06-21 17:16 - 2021-06-21 17:16 - 002300416 _____ (Farbar) C:\Users\Kato\Desktop\FRST64.exe
2021-06-20 12:07 - 2021-06-20 12:20 - 000091610 _____ C:\Users\Kato\Desktop\SystemLook.txt
2021-06-19 11:44 - 2021-06-19 11:44 - 000165376 _____ C:\Users\Kato\Desktop\SystemLook_x64.exe
2021-06-17 19:08 - 2021-06-17 19:08 - 010482312 _____ C:\WINDOWS\cpepmon.mlf
2021-06-17 17:49 - 2021-06-17 17:50 - 000000000 ____D C:\AdwCleaner
2021-06-17 17:48 - 2021-06-17 17:48 - 008534696 _____ (Malwarebytes) C:\Users\Kato\Downloads\adwcleaner_8.2.exe
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-17 17:37 - 2021-06-17 17:37 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-17 17:36 - 2021-06-17 17:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-17 17:36 - 2021-06-17 17:36 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-17 17:36 - 2021-06-17 17:36 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-17 17:36 - 2021-06-17 17:36 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-17 17:35 - 2021-06-17 17:35 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-17 17:35 - 2021-06-17 17:35 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-17 17:35 - 2021-06-17 17:35 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-17 17:34 - 2021-06-17 17:34 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-16 18:54 - 2021-06-16 18:54 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2021-06-16 16:46 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-16 16:38 - 2021-06-09 16:14 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001453328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001192720 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 002106128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001590544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001514768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000811792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-16 16:37 - 2021-06-09 16:13 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 007434016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-16 16:37 - 2021-06-09 16:11 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-16 16:37 - 2021-06-09 16:10 - 006159144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-16 16:37 - 2021-06-09 05:58 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-15 16:45 - 2021-06-15 17:05 - 3426484224 _____ C:\Users\Kato\Downloads\kali-linux-2021.2-virtualbox-i386.ova
2021-06-15 16:39 - 2021-06-15 17:09 - 000000000 ____D C:\Users\Kato\VirtualBox VMs
2021-06-15 16:36 - 2021-06-15 16:36 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\Program Files\Oracle
2021-06-15 16:36 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-06-15 16:36 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-06-15 16:33 - 2021-06-15 16:34 - 108114104 _____ (Oracle Corporation) C:\Users\Kato\Downloads\VirtualBox-6.1.22-144080-Win.exe
2021-06-13 20:23 - 2021-06-16 18:52 - 000000000 ____D C:\Users\Kato\.VirtualBox
2021-06-13 20:23 - 2021-06-16 18:46 - 000000000 ____D C:\ProgramData\VirtualBox
2021-06-13 20:18 - 2021-06-13 20:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-13 20:18 - 2021-06-13 20:18 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-13 20:17 - 2021-06-13 20:17 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-13 20:16 - 2021-06-13 20:16 - 002080712 _____ (Malwarebytes) C:\Users\Kato\Downloads\MBSetup.exe
2021-06-12 22:44 - 2021-06-13 11:33 - 001299116 _____ C:\WINDOWS\Minidump\061221-32015-01.dmp
2021-06-10 18:56 - 2021-06-10 19:01 - 002580556 _____ C:\WINDOWS\Minidump\061021-44562-01.dmp
2021-05-30 16:19 - 2021-06-13 11:34 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-30 16:19 - 2021-05-30 16:23 - 001217756 _____ C:\WINDOWS\Minidump\053021-34328-01.dmp
2021-05-30 16:18 - 2021-06-12 22:44 - 1037373645 _____ C:\WINDOWS\MEMORY.DMP
2021-05-28 20:42 - 2021-05-28 20:42 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Users\Kato\AppData\Local\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Program Files\VS Revo Group
2021-05-28 20:42 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-05-28 20:41 - 2021-05-28 20:41 - 016525224 _____ (VS Revo Group ) C:\Users\Kato\Downloads\RevoUninProSetup.exe
2021-05-28 20:19 - 2021-05-28 20:20 - 000158440 _____ C:\Users\Kato\Documents\TRABAJO TEMA 6 .pdf
2021-05-28 17:21 - 2021-05-28 17:21 - 000002689 _____ C:\Users\Kato\Desktop\Google Maps.lnk
2021-05-24 18:06 - 2021-06-21 17:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-24 17:32 - 2021-05-24 17:32 - 000000000 ____D C:\Users\Kato\AppData\Roaming\QtProject
2021-05-24 17:32 - 2019-11-08 10:14 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2021-05-24 17:32 - 2019-11-08 10:14 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys
2021-05-24 17:32 - 2019-11-08 10:14 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2021-05-24 17:30 - 2021-05-24 17:38 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-05-24 17:27 - 2021-05-24 17:27 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-05-24 17:27 - 2021-04-21 14:27 - 000076344 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUDCPEPM.sys
2021-05-24 17:27 - 2021-04-21 14:27 - 000033712 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUEDKEPM.sys
2021-05-23 20:36 - 2021-05-23 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant
2021-05-23 18:02 - 2021-06-20 12:45 - 000000000 ____D C:\Users\Kato\AppData\Local\WhatsApp
2021-05-23 18:02 - 2021-05-23 18:02 - 000002192 _____ C:\Users\Kato\Desktop\WhatsApp.lnk
2021-05-23 18:00 - 2021-05-23 18:01 - 130594512 _____ (WhatsApp) C:\Users\Kato\Downloads\WhatsAppSetup (1).exe
2021-05-22 22:55 - 2021-05-22 22:55 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2021-05-22 22:55 - 2021-05-22 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2021-05-22 20:00 - 2021-06-21 17:26 - 000000252 _____ C:\DelFix.txt
2021-05-22 19:33 - 2021-05-22 19:33 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-22 19:32 - 2021-05-22 19:32 - 003342736 _____ (Alexander Roshal) C:\Users\Kato\Downloads\WinRAR_(64bit)_v6.01.exe
2021-05-22 16:12 - 2021-05-22 16:13 - 000489754 _____ C:\cc_20210522_161233.reg
2021-05-22 11:16 - 2021-05-22 11:16 - 000000273 _____ C:\Users\Kato\Desktop\Rocket League®.url
2021-05-22 11:14 - 2021-05-22 11:14 - 000000219 _____ C:\Users\Kato\Desktop\Counter-Strike Global Offensive.url

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-21 17:47 - 2019-10-03 19:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-21 17:37 - 2018-11-11 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-21 17:34 - 2020-10-11 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-21 17:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-21 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-21 17:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-21 17:32 - 2018-10-30 20:31 - 000000000 ____D C:\Users\Kato\AppData\LocalLow\Temp
2021-06-21 17:24 - 2020-10-11 16:41 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2EDE850B-4BB9-488A-92CD-0EDD412A80D9}
2021-06-21 17:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-21 17:10 - 2020-10-11 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-20 22:01 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Roaming\discord
2021-06-20 22:01 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\Discord
2021-06-20 14:07 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\WhatsApp
2021-06-20 12:45 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\SquirrelTemp
2021-06-20 12:01 - 2020-07-17 15:26 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-20 12:01 - 2020-07-17 15:26 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-19 11:31 - 2020-10-11 16:34 - 000798940 _____ C:\WINDOWS\system32\perfh019.dat
2021-06-19 11:31 - 2020-10-11 16:34 - 000187920 _____ C:\WINDOWS\system32\perfc019.dat
2021-06-19 11:31 - 2020-10-11 16:32 - 000005852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-19 11:31 - 2019-12-07 16:55 - 000929578 _____ C:\WINDOWS\system32\perfh00A.dat
2021-06-19 11:31 - 2019-12-07 16:55 - 000198560 _____ C:\WINDOWS\system32\perfc00A.dat
2021-06-18 21:21 - 2020-10-11 16:21 - 000000000 ____D C:\Users\Kato
2021-06-18 17:25 - 2020-10-11 16:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1141238596-2014631217-894586651-1001
2021-06-18 17:25 - 2020-10-11 16:21 - 000002394 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-18 17:25 - 2018-11-10 16:16 - 000000000 ___RD C:\Users\Kato\OneDrive
2021-06-18 17:18 - 2021-05-14 17:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-18 16:47 - 2018-11-11 19:26 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 19:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-17 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-17 19:10 - 2020-10-11 16:15 - 000529144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-17 19:06 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-17 17:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-17 16:45 - 2020-08-27 12:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 16:45 - 2018-11-12 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-17 16:41 - 2018-11-12 16:55 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-16 20:18 - 2018-12-24 19:23 - 000000000 ____D C:\Users\Kato\AppData\Local\CrashDumps
2021-06-16 16:48 - 2018-12-09 12:35 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA
2021-06-13 20:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-13 17:19 - 2018-11-10 15:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-12 21:10 - 2019-02-14 21:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files\Rockstar Games
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-06-10 19:02 - 2020-09-22 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 16:55 - 2018-11-10 16:14 - 000000000 ____D C:\Users\Kato\AppData\Local\Packages
2021-06-09 16:13 - 2021-04-24 17:55 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-09 16:10 - 2020-09-12 19:19 - 007212216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-09 05:58 - 2020-09-12 19:22 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-08 20:22 - 2018-10-20 11:13 - 000000000 ____D C:\Users\Kato\AppData\Local\UnrealEngine
2021-06-07 20:56 - 2018-11-11 18:12 - 000000000 ____D C:\Users\Kato\AppData\Local\PlaceholderTileLogoFolder
2021-06-07 20:56 - 2018-11-10 17:11 - 000000000 ____D C:\ProgramData\Packages
2021-06-01 19:15 - 2018-10-17 16:57 - 000000000 ____D C:\Users\Kato\AppData\Local\D3DSCache
2021-06-01 16:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-28 17:21 - 2021-01-23 15:55 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2021-05-25 21:08 - 2018-10-16 17:10 - 000002222 _____ C:\Users\Kato\Desktop\Discord.lnk
2021-05-25 17:25 - 2020-12-02 18:42 - 000000000 ____D C:\Users\Kato\AppData\Roaming\audacity
2021-05-25 16:45 - 2021-05-19 18:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 07:48 - 2020-08-27 12:20 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-08-27 12:20 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-24 17:38 - 2019-05-13 18:29 - 000000000 ____D C:\Users\Kato\AppData\Local\GeoGebra_6
2021-05-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-05-24 17:27 - 2020-01-30 22:10 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-05-24 16:46 - 2020-12-14 17:32 - 000002379 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-05-23 20:36 - 2021-03-11 17:21 - 000001024 ____H C:\AMTAG.BIN
2021-05-23 18:02 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-05-22 22:55 - 2019-02-14 21:32 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-22 20:24 - 2021-05-19 18:31 - 000000000 ____D C:\Users\Kato\Doctor Web
2021-05-22 20:15 - 2019-02-14 20:16 - 000000000 ____D C:\Program Files\WinRAR
2021-05-22 20:01 - 2021-05-19 18:34 - 000000000 ____D C:\Users\Kato\AppData\Roaming\GlarySoft
2021-05-22 19:33 - 2019-03-11 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-22 19:21 - 2020-05-08 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-05-22 16:14 - 2020-02-19 17:29 - 000000000 ____D C:\Users\Kato\AppData\Local\Kolor
2021-05-22 16:14 - 2020-02-19 17:28 - 000000000 ____D C:\Program Files\Kolor
2021-05-22 16:10 - 2020-10-09 11:14 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-22 16:08 - 2019-10-05 11:52 - 000000000 ____D C:\Temp

==================== Archivos en la raíz de algunos directorios ========

2020-05-07 13:10 - 2020-05-07 13:10 - 000000604 ____H () C:\Program Files (x86)\_Z2
2018-12-14 20:04 - 2019-05-22 16:23 - 000001845 _____ () C:\Users\Kato\AppData\Local\oobelibMkey.log
2019-02-20 17:59 - 2019-02-20 19:28 - 000000093 _____ () C:\Users\Kato\AppData\Local\X-Plane 11 Preferences.prf
2019-02-20 19:14 - 2020-10-23 20:01 - 000000037 _____ () C:\Users\Kato\AppData\Local\X-Plane Installer.prf
2019-02-20 19:14 - 2020-10-23 20:05 - 000000112 _____ () C:\Users\Kato\AppData\Local\X-Plane_drm_11.prf
2019-02-20 18:00 - 2019-02-20 18:00 - 000000016 _____ () C:\Users\Kato\AppData\Local\x-plane_install_11.txt
2019-06-27 17:31 - 2020-10-23 20:03 - 000000102 _____ () C:\Users\Kato\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Kato · 21 Junio, 2021 16:03

El addition.txt. Que conste que si aparecen programas de seguridad o antimalware es porque hace un mes y pico realicé una desinfección de mi equipo por medio de este foro.

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (21-06-2021 17:49:29)
Ejecutado desde C:\Users\Kato\Desktop
Windows 10 Pro Versión 2004 19041.1052 (X64) (2020-10-11 14:43:03)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1141238596-2014631217-894586651-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1141238596-2014631217-894586651-503 - Limited - Disabled)
Invitado (S-1-5-21-1141238596-2014631217-894586651-501 - Limited - Disabled)
Kato (S-1-5-21-1141238596-2014631217-894586651-1001 - Administrator - Enabled) => C:\Users\Kato
WDAGUtilityAccount (S-1-5-21-1141238596-2014631217-894586651-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.12 - Razer Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_3) (Version: 13.0.3 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
ASUS PCE-AC56 WLAN Card Utilities/Driver (HKLM-x32\...\{FD792656-6D10-4876-AB24-A845232B7527}) (Version: 2.1.3.8 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
Discord (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\CitizenFX_FiveM) (Version:  - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Macrium Reflect Free Edition (HKLM\...\{9AA26274-9F90-4E5F-9CC7-C3698D4BE301}) (Version: 7.3.5672 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.12 - MSI)
NBP ColourmapX version 1.5.0 (HKLM-x32\...\{A440258D-EC79-4A9B-89C5-FB7E06F2F4A0}_is1) (Version: 1.5.0 - Nino Batista Photography)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH)
paint.net (HKLM\...\{7ADB1B05-39DE-4888-A72D-D1F3A791D45F}) (Version: 4.2.12 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Revo Uninstaller Pro 4.4.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Software Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\WhatsApp) (Version: 2.2123.7 - WhatsApp)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2021-05-21] (Adobe Systems Incorporated)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-29] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.2.0_x64__8wekyb3d8bbwe [2021-06-11] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1141238596-2014631217-894586651-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2020-03-25] (Microsoft Corporation) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Kato\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Módulos cargados (Lista blanca) =============

2018-08-14 18:07 - 2018-08-14 18:07 - 000169472 _____ () [Archivo no firmado] C:\Program Files\Outfox\libuv.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000168960 _____ () [Archivo no firmado] C:\Program Files\Outfox\websockets.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000022528 _____ () [Archivo no firmado] C:\Program Files\Outfox\WinDivert.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 001830400 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\GamingCoreLib.dll
2018-08-14 18:17 - 2018-08-14 18:17 - 000359424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxWindows.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 000295424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\RedirectLibrary.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000073728 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\cares.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000359936 _____ (The cURL library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\libcurl.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 002265088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\LIBEAY32.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000383488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\SSLEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

SearchScopes: HKU\S-1-5-21-1141238596-2014631217-894586651-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7938 más sitios.

IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\123simsen.com -> www.123simsen.com

Hay 7938 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-06-16 18:54 - 2021-06-21 17:32 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\aircrack-ng-1.6-win\bin
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kato\Pictures\fondo definitivo.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "Krisp"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Puntos de Restauración =========================

16-06-2021 19:05:18 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
16-06-2021 19:15:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
17-06-2021 16:45:44 Instalador de Módulos de Windows
17-06-2021 17:02:21 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/21/2021 05:35:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0x1090
Hora de inicio de la aplicación con errores: 0x01d766b2f676acaf
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: 353efd7a-4381-43fe-9e0a-9d54d75031a0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/21/2021 05:29:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (06/21/2021 05:28:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {95c64ddc-f6e0-4f3e-8d0f-287eb62348f6}

Error: (06/18/2021 08:17:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Taskmgr.exe (versión 10.0.19041.844) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: acc

Hora de Inicio: 01d7646e245c69d0

Hora de finalización: 5

Ruta de la aplicación: C:\Windows\System32\Taskmgr.exe

Id. de informe: 7e0714d0-692a-46d5-a36f-ed9c9ad340ab

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-thread

Error: (06/18/2021 08:17:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa mmc.exe (versión 10.0.19041.746) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1894

Hora de Inicio: 01d7646d84ae4fa7

Hora de finalización: 579

Ruta de la aplicación: C:\Windows\System32\mmc.exe

Id. de informe: 045d4f23-d393-4f9d-a075-261fd2305c5f

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-thread

Error: (06/18/2021 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mmc.exe, versión: 10.0.19041.746, marca de tiempo: 0x52055893
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.1023, marca de tiempo: 0x924f9cdb
Código de excepción: 0x00000000
Desplazamiento de errores: 0x0000000000034b89
Identificador del proceso con errores: 0x3794
Hora de inicio de la aplicación con errores: 0x01d7646d1a68bd70
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\mmc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 2ba56a1d-5a9c-418a-b5a2-e206d4f8af95
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/18/2021 08:02:09 PM) (Source: MsiInstaller) (EventID: 11719) (User: DESKTOP-KLCJ84U)
Description: Product: TinyWall -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (06/18/2021 05:32:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0xf78
Hora de inicio de la aplicación con errores: 0x01d7645711cabbe7
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: c6bd6023-2ce0-4db8-950c-b0c9aa6293df
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (06/21/2021 05:37:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Check Point Sandblast Agent Updater depende del servicio Check Point Sandblast Agent Cipolla, el cual no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Sandblast Agent Cipolla no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point SandBlast Agent Threat Emulation no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Endpoint Remediation no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Sandblast Agent Cipolla no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:36:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/21/2021 05:34:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio ZA NET ICM Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:34:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio ZAARUpdateService no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
================
Date: 2021-06-17 18:11:53
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E0A2279A-B58A-4B92-9EBD-E0F9A03FCCA7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-16 18:32:47
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {9F83EAB1-07DD-4FEC-A2AE-4530397E250A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-14 18:29:24
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {FC7B9169-461D-4E43-9BE7-62105817AB87}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-13 20:51:04
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {59BBC60B-1FAA-4AC1-8059-6DB4C6A1DDDF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-05-26 16:19:19
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2021-05-26T14:19:19.236Z
Usuario: DESKTOP-KLCJ84U\Kato
Ruta de acceso: \Device\Harddisk1\DR1
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.339.601.0
Versión del motor: 1.1.18100.6
Versión del producto: 4.18.2104.10

Date: 2021-06-19 11:40:34
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.341.914.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18200.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2021-06-13 17:09:40
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18200.4
Versión de motor anterior: 1.1.18100.6
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

CodeIntegrity:
===============
Date: 2021-06-18 17:22:51
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1.00 06/27/2018
Placa base: Micro-Star International Co., Ltd B450 GAMING PLUS (MS-7B86)
Procesador: AMD Ryzen 5 2600 Six-Core Processor 
Porcentaje de memoria en uso: 23%
RAM física total: 16335.26 MB
RAM física disponible: 12514.84 MB
Virtual total: 28335.26 MB
Virtual disponible: 22623.14 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:667.51 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:149.12 GB) NTFS

\\?\Volume{cd464440-c406-4f54-9ed8-9c78cdc84762}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{816f243e-e65d-49ff-bb14-9d747dacf149}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AD8A6695)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0A110421)

Partition: GPT.

==================== Final de Addition.txt =======================

Marr0n · 22 Junio, 2021 14:53

Hola, buenas @Kato

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Ahora debes de hacer una COPIA DE SEGURIDAD DEL REGISTRO, para ello:

Reinicias el ordenador en Modo Normal.
Descargas DelFix en tu escritorio.
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
Marcas solamente la casilla de Create registry backup, el resto te aseguras de que no estén seleccionadas.
Presionas en Run.

Se abrirá el informe (DelFix.txt), puedes cerrarlo. Pero lo guardas por si en el futuro te lo pido/hace falta.

Seguidamente, CIERRAS TODOS LOS PROGRAMAS, vas a Inicio >> Ejecutar y escribes Notepad.exe

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Lo guardas con el nombre de FIXLIST.TXT en tu escritorio (MUY IMPORTANTE). Pues en caso contrario no funcionará el SCRIPT, ambos ficheros (FRST.exe y FIXLIST.TXT ) y deben de estar en la ubicación del ESCRITORIO.

El anterior Script de reparación es personalizado para la máquina en concreto para la cual se fabricó y está hecho específicamente por un miembro del Staff. Si se tiene un problema parecido, por favor abra su propio tema para recibir ayuda personalizada y específica. Utilizar Scripts de otros Sistemas puede causar daños graves en su ordenador.

Finalmente (OJO, en MODO NORMAL):

Ejecutas nuevamente FRST.exe (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador).
Presionas sobre Fix/Corregir y esperas a que finalice el proceso. No hagas nada con el PC mientras este realizando dichas reparaciones, incluso si parece ser que se ha quedado colgado. No lo toques y esperas.
Cunado finalicé, en el ESCRITORIO se creará el fichero FIXLOG.TXT lo traes en tu próxima respuesta.
Reinicias el ordenador en Modo Normal.

Muy Importante Coloca el reporte que te he pedido como se muestra en la siguiente imagen:

DESINSTALACIÓN PROGRAMAS

Para los programas en que te diga: puedes quitarlos. Hazlo así:

Desinstalalos con Revo Uninstaller en su Modo Avanzado. Para ello sigues su manual la parte de desinstalación de programas.

Quitas todos los programas que encuentre Revo con los nombres de: Check Point y ZoneAlarm.

Pues serían los siguientes:

Check Point SBA
ZoneAlarm Anti-Ransomware

Estos deben de quedar completamente desinstalados.

Finalmente, aparte del FIXLOG. Comentas si has podido quitar ambos programas o si bien te ha surgido algún problema.

Salu2.

Kato · 22 Junio, 2021 15:45

Ya he realizado ambos procedimientos. Aquí te pego el fixlog. En cuanto al revo uninstaller, me ha dejado ya desinstalar los dos programas que me has comentado sin ningún problema.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (22-06-2021 17:28:05) Run:2
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}\\SystemComponent" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}\\SystemComponent" => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19086644 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1049175 B
Edge => 0 B
Chrome => 426748852 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5368 B
Kato => 32629108 B

RecycleBin => 183280 B
EmptyTemp: => 469.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:30:23 ====

Marr0n · 22 Junio, 2021 18:37

Hola, buenas @Kato

Perfecto . Vamos por buen camino para erradicarlo completamente. Pero aún queda un poquito. Me traes un par de logs frescos de FRST. Para ello:

Desactivas tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad que tengas activado.

LO DESCARGAS EN TU ESCRITORIO MUY IMPORTANTE (y no en otro sitio).

Descargas Farbar Recovery Scan Tool MUY IMPORTANTE >> seleccionas la versión adecuada para la arquitectura correspondiente de tu Ordenador (32 o 64bits). ¿Cómo saber si mi Windows es de 32 o 64 bits.?

Una vez descargado FRST, desconectas tu equipo de completamente de Internet (apagas el router) >> Super Importante. Acto seguido, cierras también cualquier otro programa que tengas abierto.

Farbar Recovery Scan Tool

Ejecutas el FRST.exe (Si utilizas Windows Vista/7/8 o 10, presionas click derecho y seleccionas Ejecutar como Administrador).
Aparecerá una ventana con un mensaje de Disclaimer/Responsabilidad, presionas sobre Si o Yes.
En la ventana principal del programa presionas sobre Analizar/Scan y esperas a que finalice el análisis.
Aparecerán dos logs/reportes que serán: Frst.txt y Addition.txt, estos quedarán guardados en el escritorio.

Activas de nuevo tu antivirus y cualquier programa de seguridad que tengas activado. También conectas nuevamente tu equipo a Internet.

PRÓXIMA RESPUESTA

Pegas los reportes de FRST y Addition.txt. Debes de poner ambos reportes todos enteros con absolutamente todo su contenido. Deberás de realizar varios mensajes si recibes un mensaje de error/advertencia indicando que es muy largo dicho reporte que formará el mensaje (más de 50.000 carácteres aprox.).

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

No realices pasos/acciones que NOSOTROS no te hayamos indicado.

No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.

No instales NADA (programas/software/complementos/extensiones del navegador…).

No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).

No realices por tu cuenta otros procedimientos.

Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.