Firewall installation and PC slowdown

Sorry about the previous message, I didn't wait for it to finish searching for the leftover files; here is the correct log.

SystemLook 30.07.11 by jpshortstuff
Log created at 12:07 on 20/06/2021 by Kato
Administrator - Elevation successful

========== filefind ==========

Searching for "*ZoneAlarm*"
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk	--a---- 1343 bytes	[16:53 16/06/2021]	[16:53 16/06/2021] 303BA44263AA112CE05FE6C4E7C59516
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm\ZoneAlarm Registros.lnk	--a---- 829 bytes	[16:53 16/06/2021]	[16:53 16/06/2021] 6B13D7140995BA5DCFBCA86AF36B1945
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo\990.75.7_0\nt\img\zonealarm-logo.svg	--a---- 6314 bytes	[16:54 16/06/2021]	[20:13 01/06/2020] 7DB07C3F0A084AC0B9DE179255F62995
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo\990.75.7_0\nt\img\zonealarm.ico	--a---- 1150 bytes	[16:54 16/06/2021]	[20:13 01/06/2020] F28D7BF5B6A24A8F08D32A6FADE5A44C
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] 3B6A6056910488C2F2D94B954B66C6F9
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] AF1D16A6F6586A09CF2C3349F05DA49B
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	--a---- 37014 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] AF1D16A6F6586A09CF2C3349F05DA49B
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel	--a---- 29892 bytes	[15:14 17/06/2021]	[15:14 17/06/2021] B51E127FCCF67277EB6B1D3F14264403
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip	--a---- 80332 bytes	[15:26 18/06/2021]	[15:27 18/06/2021] DCAE8AE73E3C3CEF3BD0A69024916D38

Searching for "*vsmon*"
No files found.

Searching for "*Vsdatant*"
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat	------- 8269 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] 657E92FDF63DDC7768F2F7BA58430A17
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	------- 3880 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] 20F539CE9007934EA2165215215CADDD
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys	------- 461240 bytes	[15:13 20/05/2021]	[15:13 20/05/2021] B0395671CD4A1B046BC7269A37C8E089

Searching for "*ZAPrivacyService*"
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	--a---- 1367 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] ECA16C0EFD8DDA378BC3A68A22A74650
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	--a---- 998 bytes	[16:54 16/06/2021]	[16:54 16/06/2021] 07E079DFAF071909A14867FB47E36FB6

Searching for "*ZASP*"
No files found.

Searching for "            "
No files found.

========== regfind ==========

Searching for "zonealarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

Searching for "ZoneAlarm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"DISPLAYNAME"="ZoneAlarm Firewall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"PRODUCTEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4}]
"REPORTINGEXE"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\VSMonEventLogProvider.man"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D]
"466F64B752459D5478165E605F7DD121"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\dltel.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA]
"50B2F4DDA5B067C4EAEFC3581E60E475"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm_loc0405.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}]
"DisplayName"="ZoneAlarm Anti-Ransomware"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"DisplayName"="ZoneAlarm ICM NET Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service]
"Description"="ZoneAlarm ICM Service"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"1"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Herramienta de diagnóstico.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\diagnostics\DiagnosticsCaptureTool.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"2"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Free Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Security"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security]
"DisplayName"="ZoneAlarm Firewall"
[HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com]

========== folderfind ==========

Searching for "*ZoneAlarm*"
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm	d------	[16:53 16/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	d------	[15:14 17/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614	d------	[15:16 17/06/2021]
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security	d------	[15:14 17/06/2021]

Searching for "*CheckPoint*"
No folders found.

========== service ==========

vsmon - Unable to open Service Handle.

Vsdatant - Unable to open Service Handle.

ZAPrivacyService - Unable to open Service Handle.

-= EOF =-

Hi, hello @Kato

Yes, correct. I was going to tell you, but you have already noticed it yourself :+1:. That log is indeed the correct one.

:zero: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any other security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and not anywhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your machine completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:one: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Tick only the Create registry backup box and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
C:\Program Files (x86)\CheckPoint
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |DISPLAYNAME
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |PRODUCTEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |REPORTINGEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA |50B2F4DDA5B067C4EAEFC3581E60E475

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a Staff member. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it seems to have frozen. Do not touch it, and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while and report how the problem you originally raised is going.

:warning: Very Important :warning: Post the report I asked for as shown in the following image:

Regards.
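The post above warns that a fixlist is tied to the machine it was written for. As an added example (not part of the thread and not FRST's own code), this sketch parses the line kinds that appear in this fixlist and lists the entries that hard-code a user SID or profile name different from the local one. The function names are hypothetical, the sample is constructed from lines of the script above, and the parsing covers only the forms seen here, not FRST's full syntax.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: a handful of lines taken from the fixlist in this thread.
SAMPLE_FIXLIST = r"""START
CREATERESTOREPOINT:
CLOSEPROCESSES:
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip
C:\Program Files (x86)\CheckPoint
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
CMD: netsh winsock reset
EmptyTemp:
END
"""

# Per-account SIDs start with S-1-5-21; well-known SIDs such as S-1-5-18
# (LocalSystem) are identical on every Windows machine and are ignored.
SID_RE = re.compile(r"S-1-5-21(?:-\d+)+")
PROFILE_RE = re.compile(r"^[A-Za-z]:\\Users\\([^\\]+)", re.IGNORECASE)
PATH_RE = re.compile(r"^[A-Za-z]:\\")


@dataclass
class Fixlist:
    paths: list = field(default_factory=list)          # files/folders to remove
    delete_keys: list = field(default_factory=list)    # registry keys
    delete_values: list = field(default_factory=list)  # (key, value name)
    commands: list = field(default_factory=list)       # CMD: lines
    directives: list = field(default_factory=list)     # everything else


def parse_fixlist(text):
    """Split fixlist text into the entry kinds used in the script above."""
    fx = Fixlist()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.upper() in ("START", "END"):
            continue
        if line.startswith("DeleteKey:"):
            fx.delete_keys.append(line[len("DeleteKey:"):].strip())
        elif line.startswith("DeleteValue:"):
            body = line[len("DeleteValue:"):].strip()
            if "|" in body:
                key, _, name = body.rpartition("|")
            else:
                key, name = body, ""
            fx.delete_values.append((key.strip(), name.strip()))
        elif line.startswith("CMD:"):
            fx.commands.append(line[len("CMD:"):].strip())
        elif PATH_RE.match(line):
            fx.paths.append(line)
        else:
            fx.directives.append(line)
    return fx


def all_targets(fx):
    """Every file path and registry key the script would touch."""
    return fx.paths + fx.delete_keys + [key for key, _ in fx.delete_values]


def machine_bindings(fx):
    """Return the per-user SIDs and profile names hard-coded in the script."""
    sids, profiles = set(), set()
    for target in all_targets(fx):
        sids.update(SID_RE.findall(target))
        match = PROFILE_RE.match(target)
        if match:
            profiles.add(match.group(1))
    return sids, profiles


def foreign_entries(fx, local_sid, local_user):
    """List targets naming a SID or profile other than the local ones."""
    foreign = []
    for target in all_targets(fx):
        sids = SID_RE.findall(target)
        profile = PROFILE_RE.match(target)
        wrong_sid = any(s.lower() != local_sid.lower() for s in sids)
        wrong_user = bool(profile) and profile.group(1).lower() != local_user.lower()
        if wrong_sid or wrong_user:
            foreign.append(target)
    return foreign


if __name__ == "__main__":
    parsed = parse_fixlist(SAMPLE_FIXLIST)
    print(machine_bindings(parsed))
    # Constructed "other machine" identity to show what gets flagged.
    for entry in foreign_entries(parsed, "S-1-5-21-1-2-3-1001", "Alice"):
        print("not for this machine:", entry)
```

On a real system the local values come from `whoami /user` and the profile folder name; an empty result from `foreign_entries` means no entry names another account, not that the script is safe to run.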

Here is the fixlog:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (21-06-2021 17:28:29) Run:1
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs	
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe	
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf	
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log	
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456	
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
C:\Program Files (x86)\CheckPoint
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security
DeleteKey: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com
DeleteKey: HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service |Description
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |1
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC |2
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security |DisplayName
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |DISPLAYNAME
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |PRODUCTEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} |REPORTINGEXE
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D |466F64B752459D5478165E605F7DD121
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA |50B2F4DDA5B067C4EAEFC3581E60E475
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA |50B2F4DDA5B067C4EAEFC3581E60E475

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
C:\$Recycle.Bin\S-1-5-21-1141238596-2014631217-894586651-1001\$R0WIUH3\ZoneAlarm => movido correctamente
C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofdpbenickbjghcdhapegiimmdinblo => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\C__ProgramData_CheckPoint_ZoneAlarm_Logs => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_diagnostics_DiagnosticsCaptureTool_exe => movido correctamente
C:\Users\Kato\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}_CheckPoint_ZoneAlarm_zatray_exe => movido correctamente
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm Security.ruel => movido correctamente
C:\Users\Kato\AppData\Local\Temp\ZoneAlarm_logs.zip => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\Vsdatant.cat => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.inf => movido correctamente
C:\Windows\System32\DriverStore\FileRepository\vsdatant.inf_amd64_fc472080d73c06c6\vsdatant.sys => movido correctamente
C:\Users\Kato\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log => movido correctamente
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\ZaPrivacyService.exe.log => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171456 => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\ZoneAlarm Free Firewall-17062021-171614 => movido correctamente
C:\Users\Kato\AppData\Local\VS Revo Group\Revo Uninstaller Pro\Logs\ZoneAlarm Security => movido correctamente
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point" => no encontrado
"C:\Program Files (x86)\CheckPoint" => no encontrado
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall => eliminado correctamente
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security" => no encontrado
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security => eliminado correctamente
HKEY_CURRENT_USER\SOFTWARE\Zone Labs\ZoneAlarm => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm => eliminado correctamente
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Antivirus Installer" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\CheckPoint\ZoneAlarm\Installed\ZoneAlarm Web Secure Free" => no encontrado
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => eliminado correctamente
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => eliminado correctamente
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security" => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security => no encontrado
HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Zone Labs\ZoneAlarm => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zonealarm-stop.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-download-now.com => no encontrado
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\zonealarm-stop.com => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\1" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\2" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_CURRENT_USER\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791} \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ZA NET ICM Service \\Description" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZA NET ICM Service \\Description" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\1" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC \\2" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\ZoneAlarm Free Firewall\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{37F2A556-851C-46BA-BDD4-48745E7A106B}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_USERS\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\VS Revo Group\Revo Uninstaller Pro\Uninstaller\Traced\LogsUSs\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}\ZoneAlarm Security \\DisplayName" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\DISPLAYNAME" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\PRODUCTEXE" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{841A2C1E-F526-E32F-8E57-7FBF8B0698E4} \\REPORTINGEXE" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBB55EBAC7FBF94BBF41A4B5C823906 \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\16EAF3E24A5009A499C7EEE5A337A65E \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AB8127DB6A700A4782AEEC23939A90D \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F79C687F2926084F86D18EC212A458B \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\421572EAB5F08254186DC4927B03F7DB \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5055CC8B7B2F7894FA4E8F2CE88EB453 \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\832C20B1262356642BA36B31A9C7100D \\466F64B752459D5478165E605F7DD121" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A65AE63EB4FA01A469FEA89477FD48AA \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6D9A8D4509AC25449616A03430BCABA \\50B2F4DDA5B067C4EAEFC3581E60E475" => no encontrado

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet mientras los medios
están desconectados.
Error al renovar la interfaz Hamachi: no se puede establecer contacto con el
servidor DHCP. La solicitud superó el tiempo de espera.
No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
están desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud superó el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{E85A024A-5096-4274-8799-6FAD793989A0} canceled.
{A14F89BC-CD18-4B52-8203-73CBEBCA37F4} canceled.
{B40B6FC5-8372-4F5C-800B-D9E156AB65E2} canceled.
3 out of 3 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63994193 B
Java, Flash, Steam htmlcache => 574416156 B
Windows/system/drivers => 50855210 B
Edge => 87761 B
Chrome => 554914392 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 99092 B
NetworkService => 177398 B
Kato => 200066380 B

RecycleBin => 694004038 B
EmptyTemp: => 2 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:33:15 ====

OK.

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have running.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the version that matches your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click it and select Run as administrator).

  2. A window with a Disclaimer message will appear; click Sí or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear, Frst.txt and Addition.txt; they will be saved on the desktop.

:three: Re-enable your antivirus and any security program you had running. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST.txt and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning saying that the report is too long for a single message (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it, following our instructions.

:warning: Very important :warning: Post the different reports I have asked you for as shown in the following image:

Regards.

The frst.txt.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 20-06-2021
Ejecutado por Kato (administrador) sobre DESKTOP-KLCJ84U (Micro-Star International Co., Ltd MS-7B86) (21-06-2021 17:47:14)
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Platform: Windows 10 Pro Versión 2004 19041.1052 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(A-Volute SAS -> A-Volute) C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(Razer USA Ltd. -> Razer) C:\Windows\System32\RZSurroundService.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1263288 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [ZaAntiRansomware] => "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33249248 2021-06-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-18] (Google LLC -> Google LLC)
Startup: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-02-15]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1107FD95-1674-47EF-8890-1C23C61B53BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1884DE9A-711A-4A13-8671-A5E95375B555} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20575B82-DCD7-4773-986B-FE0AECC2CBC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {23540AF3-1A8B-4221-9242-88AC060CFE12} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {299A1A0C-0F4E-4A9B-B08E-AC9A334779A9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32DEDA83-8032-4003-9A37-2CFBAA3BDFCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F50D582-E7D3-4CF6-931A-BBBB0B62A6C9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4FB9F71D-761D-4B73-9CAE-79DE63EF2E95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A7ACFEC-F16D-46CE-9C9B-890705C75662} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6613746E-FE4F-4C4D-AC32-D4767079D1F0} - System32\Tasks\Opera scheduled Autoupdate 1556210451 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe
Task: {6FA4C3B9-56B3-4D11-A0EF-F23C6ED0E92D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {767411EB-45E2-4BA2-A55B-09A0336174AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CED1376-07FB-481B-AC03-1187C2F21296} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FE5C3DC-E12C-4133-A63E-523A0D9FDEF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {93857FD6-22A2-4123-860E-6334CF1E76C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F39D603-A8C4-468A-905F-22F641881E8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5386B2C-158F-4D2A-84BC-CFC96EB7CBE3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACD1F798-2A1B-4A6C-B858-B62BD06C37AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B4D2944E-22CF-44CE-BE08-603D7F668980} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA587BC9-524C-4BE0-A6CA-FBB4279B1BD5} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {BEEC3812-F976-48EB-8CE6-4F342D764175} - System32\Tasks\PCEAC56WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC56 WLAN Card Utilities\WlanMgr.exe
Task: {C207B42D-D566-423B-9783-0A9F94653E8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34A6D8E-A941-45A0-A5A6-FB69F38FC765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFEF923D-9C46-4380-BEA9-0569E5E5A0E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {D1213EB2-0E81-4034-BDEF-2F26B2B8A0E2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1EA8B80-A303-405C-A1C6-03F43E840F8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4B7CD4D-3E36-4BCB-9155-027756FF1CF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {DC456497-91BB-4F6E-91C0-C7EF8515B6B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {EF51945A-D5CF-49C8-9EC5-7DFA72FE38D5} - System32\Tasks\Opera scheduled assistant Autoupdate 1556210454 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kato\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EFCA8F5C-03C5-4B85-BA5F-2685DF724E53} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0FBCE0C-770D-4B67-BDC2-52A203E75A69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F6E25429-CBD8-4593-9519-0A03E887276D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F7263E59-A6CF-46A6-897D-C536222EE5B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{541d6c36-cce2-43fc-a544-deceaf7a6643}: [DhcpNameServer] 192.168.46.242
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{846c7fb7-9d7f-498e-b28d-19c799bd18f7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b0752e0e-5596-4ed5-ac64-200cd47d5898}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{df4dd499-8be6-4291-bec1-b8b3b1f4ba54}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default [2021-06-21]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://nofdpbenickbjghcdhapegiimmdinblo/nt/index.html"
CHR Extension: (Presentaciones) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-11]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Documentos) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-11]
CHR Extension: (Google Drive) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-11]
CHR Extension: (Google Maps) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhkaebcjjhencmpkapnbdaogjamfbcj [2021-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-21]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-21]
CHR HKLM\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM-x32\...\Chrome\Extension: [nofdpbenickbjghcdhapegiimmdinblo]
CHR HKLM-x32\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-29] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Outfox; C:\Program Files\Outfox\OutfoxService.exe [128512 2018-08-14] (Golden Frog, GmbH) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-10] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CPEFR; "C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe" [X]
S2 CpSbaCipolla; "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe" [X]
S2 CpSbaUpdater; "C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 RemediationService; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe" [X]
S2 TESvc; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s [X]
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
S2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174728 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 ardrv; \??\C:\Users\Kato\AppData\Local\Temp\ardrv.sys [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-21 17:45 - 2021-06-21 17:48 - 000030700 _____ C:\Users\Kato\Desktop\FRST.txt
2021-06-21 17:28 - 2021-06-21 17:33 - 000030021 _____ C:\Users\Kato\Desktop\Fixlog.txt
2021-06-21 17:26 - 2021-06-21 17:26 - 000000252 _____ C:\Users\Kato\Desktop\DelFix.txt
2021-06-21 17:26 - 2021-06-21 17:26 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-21 17:24 - 2021-06-21 17:24 - 000781312 _____ C:\Users\Kato\Desktop\Delfix_1.013.exe
2021-06-21 17:17 - 2021-06-21 17:47 - 000000000 ____D C:\FRST
2021-06-21 17:16 - 2021-06-21 17:16 - 002300416 _____ (Farbar) C:\Users\Kato\Desktop\FRST64.exe
2021-06-20 12:07 - 2021-06-20 12:20 - 000091610 _____ C:\Users\Kato\Desktop\SystemLook.txt
2021-06-19 11:44 - 2021-06-19 11:44 - 000165376 _____ C:\Users\Kato\Desktop\SystemLook_x64.exe
2021-06-17 19:08 - 2021-06-17 19:08 - 010482312 _____ C:\WINDOWS\cpepmon.mlf
2021-06-17 17:49 - 2021-06-17 17:50 - 000000000 ____D C:\AdwCleaner
2021-06-17 17:48 - 2021-06-17 17:48 - 008534696 _____ (Malwarebytes) C:\Users\Kato\Downloads\adwcleaner_8.2.exe
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-17 17:37 - 2021-06-17 17:37 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-17 17:36 - 2021-06-17 17:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-17 17:36 - 2021-06-17 17:36 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-17 17:36 - 2021-06-17 17:36 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-17 17:36 - 2021-06-17 17:36 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-17 17:35 - 2021-06-17 17:35 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-17 17:35 - 2021-06-17 17:35 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-17 17:35 - 2021-06-17 17:35 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-17 17:34 - 2021-06-17 17:34 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-16 18:54 - 2021-06-16 18:54 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2021-06-16 16:46 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-16 16:38 - 2021-06-09 16:14 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001453328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001192720 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 002106128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001590544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001514768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000811792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-16 16:37 - 2021-06-09 16:13 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 007434016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-16 16:37 - 2021-06-09 16:11 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-16 16:37 - 2021-06-09 16:10 - 006159144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-16 16:37 - 2021-06-09 05:58 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-15 16:45 - 2021-06-15 17:05 - 3426484224 _____ C:\Users\Kato\Downloads\kali-linux-2021.2-virtualbox-i386.ova
2021-06-15 16:39 - 2021-06-15 17:09 - 000000000 ____D C:\Users\Kato\VirtualBox VMs
2021-06-15 16:36 - 2021-06-15 16:36 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\Program Files\Oracle
2021-06-15 16:36 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-06-15 16:36 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-06-15 16:33 - 2021-06-15 16:34 - 108114104 _____ (Oracle Corporation) C:\Users\Kato\Downloads\VirtualBox-6.1.22-144080-Win.exe
2021-06-13 20:23 - 2021-06-16 18:52 - 000000000 ____D C:\Users\Kato\.VirtualBox
2021-06-13 20:23 - 2021-06-16 18:46 - 000000000 ____D C:\ProgramData\VirtualBox
2021-06-13 20:18 - 2021-06-13 20:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-13 20:18 - 2021-06-13 20:18 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-13 20:17 - 2021-06-13 20:17 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-13 20:16 - 2021-06-13 20:16 - 002080712 _____ (Malwarebytes) C:\Users\Kato\Downloads\MBSetup.exe
2021-06-12 22:44 - 2021-06-13 11:33 - 001299116 _____ C:\WINDOWS\Minidump\061221-32015-01.dmp
2021-06-10 18:56 - 2021-06-10 19:01 - 002580556 _____ C:\WINDOWS\Minidump\061021-44562-01.dmp
2021-05-30 16:19 - 2021-06-13 11:34 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-30 16:19 - 2021-05-30 16:23 - 001217756 _____ C:\WINDOWS\Minidump\053021-34328-01.dmp
2021-05-30 16:18 - 2021-06-12 22:44 - 1037373645 _____ C:\WINDOWS\MEMORY.DMP
2021-05-28 20:42 - 2021-05-28 20:42 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Users\Kato\AppData\Local\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Program Files\VS Revo Group
2021-05-28 20:42 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-05-28 20:41 - 2021-05-28 20:41 - 016525224 _____ (VS Revo Group ) C:\Users\Kato\Downloads\RevoUninProSetup.exe
2021-05-28 20:19 - 2021-05-28 20:20 - 000158440 _____ C:\Users\Kato\Documents\TRABAJO TEMA 6 .pdf
2021-05-28 17:21 - 2021-05-28 17:21 - 000002689 _____ C:\Users\Kato\Desktop\Google Maps.lnk
2021-05-24 18:06 - 2021-06-21 17:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-24 17:32 - 2021-05-24 17:32 - 000000000 ____D C:\Users\Kato\AppData\Roaming\QtProject
2021-05-24 17:32 - 2019-11-08 10:14 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2021-05-24 17:32 - 2019-11-08 10:14 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys
2021-05-24 17:32 - 2019-11-08 10:14 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2021-05-24 17:30 - 2021-05-24 17:38 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-05-24 17:27 - 2021-05-24 17:27 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-05-24 17:27 - 2021-04-21 14:27 - 000076344 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUDCPEPM.sys
2021-05-24 17:27 - 2021-04-21 14:27 - 000033712 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUEDKEPM.sys
2021-05-23 20:36 - 2021-05-23 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant
2021-05-23 18:02 - 2021-06-20 12:45 - 000000000 ____D C:\Users\Kato\AppData\Local\WhatsApp
2021-05-23 18:02 - 2021-05-23 18:02 - 000002192 _____ C:\Users\Kato\Desktop\WhatsApp.lnk
2021-05-23 18:00 - 2021-05-23 18:01 - 130594512 _____ (WhatsApp) C:\Users\Kato\Downloads\WhatsAppSetup (1).exe
2021-05-22 22:55 - 2021-05-22 22:55 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2021-05-22 22:55 - 2021-05-22 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2021-05-22 20:00 - 2021-06-21 17:26 - 000000252 _____ C:\DelFix.txt
2021-05-22 19:33 - 2021-05-22 19:33 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-22 19:32 - 2021-05-22 19:32 - 003342736 _____ (Alexander Roshal) C:\Users\Kato\Downloads\WinRAR_(64bit)_v6.01.exe
2021-05-22 16:12 - 2021-05-22 16:13 - 000489754 _____ C:\cc_20210522_161233.reg
2021-05-22 11:16 - 2021-05-22 11:16 - 000000273 _____ C:\Users\Kato\Desktop\Rocket League®.url
2021-05-22 11:14 - 2021-05-22 11:14 - 000000219 _____ C:\Users\Kato\Desktop\Counter-Strike Global Offensive.url

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-21 17:47 - 2019-10-03 19:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-21 17:37 - 2018-11-11 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-21 17:34 - 2020-10-11 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-21 17:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-21 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-21 17:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-21 17:32 - 2018-10-30 20:31 - 000000000 ____D C:\Users\Kato\AppData\LocalLow\Temp
2021-06-21 17:24 - 2020-10-11 16:41 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2EDE850B-4BB9-488A-92CD-0EDD412A80D9}
2021-06-21 17:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-21 17:10 - 2020-10-11 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-20 22:01 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Roaming\discord
2021-06-20 22:01 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\Discord
2021-06-20 14:07 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\WhatsApp
2021-06-20 12:45 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\SquirrelTemp
2021-06-20 12:01 - 2020-07-17 15:26 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-20 12:01 - 2020-07-17 15:26 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-19 11:31 - 2020-10-11 16:34 - 000798940 _____ C:\WINDOWS\system32\perfh019.dat
2021-06-19 11:31 - 2020-10-11 16:34 - 000187920 _____ C:\WINDOWS\system32\perfc019.dat
2021-06-19 11:31 - 2020-10-11 16:32 - 000005852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-19 11:31 - 2019-12-07 16:55 - 000929578 _____ C:\WINDOWS\system32\perfh00A.dat
2021-06-19 11:31 - 2019-12-07 16:55 - 000198560 _____ C:\WINDOWS\system32\perfc00A.dat
2021-06-18 21:21 - 2020-10-11 16:21 - 000000000 ____D C:\Users\Kato
2021-06-18 17:25 - 2020-10-11 16:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1141238596-2014631217-894586651-1001
2021-06-18 17:25 - 2020-10-11 16:21 - 000002394 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-18 17:25 - 2018-11-10 16:16 - 000000000 ___RD C:\Users\Kato\OneDrive
2021-06-18 17:18 - 2021-05-14 17:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-18 16:47 - 2018-11-11 19:26 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 19:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-17 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-17 19:10 - 2020-10-11 16:15 - 000529144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-17 19:06 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-17 17:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-17 16:45 - 2020-08-27 12:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 16:45 - 2018-11-12 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-17 16:41 - 2018-11-12 16:55 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-16 20:18 - 2018-12-24 19:23 - 000000000 ____D C:\Users\Kato\AppData\Local\CrashDumps
2021-06-16 16:48 - 2018-12-09 12:35 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA
2021-06-13 20:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-13 17:19 - 2018-11-10 15:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-12 21:10 - 2019-02-14 21:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files\Rockstar Games
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-06-10 19:02 - 2020-09-22 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 16:55 - 2018-11-10 16:14 - 000000000 ____D C:\Users\Kato\AppData\Local\Packages
2021-06-09 16:13 - 2021-04-24 17:55 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-09 16:10 - 2020-09-12 19:19 - 007212216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-09 05:58 - 2020-09-12 19:22 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-08 20:22 - 2018-10-20 11:13 - 000000000 ____D C:\Users\Kato\AppData\Local\UnrealEngine
2021-06-07 20:56 - 2018-11-11 18:12 - 000000000 ____D C:\Users\Kato\AppData\Local\PlaceholderTileLogoFolder
2021-06-07 20:56 - 2018-11-10 17:11 - 000000000 ____D C:\ProgramData\Packages
2021-06-01 19:15 - 2018-10-17 16:57 - 000000000 ____D C:\Users\Kato\AppData\Local\D3DSCache
2021-06-01 16:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-28 17:21 - 2021-01-23 15:55 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2021-05-25 21:08 - 2018-10-16 17:10 - 000002222 _____ C:\Users\Kato\Desktop\Discord.lnk
2021-05-25 17:25 - 2020-12-02 18:42 - 000000000 ____D C:\Users\Kato\AppData\Roaming\audacity
2021-05-25 16:45 - 2021-05-19 18:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 07:48 - 2020-08-27 12:20 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-08-27 12:20 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-24 17:38 - 2019-05-13 18:29 - 000000000 ____D C:\Users\Kato\AppData\Local\GeoGebra_6
2021-05-24 17:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-05-24 17:27 - 2020-01-30 22:10 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-05-24 16:46 - 2020-12-14 17:32 - 000002379 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2021-05-23 20:36 - 2021-03-11 17:21 - 000001024 ____H C:\AMTAG.BIN
2021-05-23 18:02 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-05-22 22:55 - 2019-02-14 21:32 - 000002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-22 22:55 - 2019-02-14 21:32 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-22 20:24 - 2021-05-19 18:31 - 000000000 ____D C:\Users\Kato\Doctor Web
2021-05-22 20:15 - 2019-02-14 20:16 - 000000000 ____D C:\Program Files\WinRAR
2021-05-22 20:01 - 2021-05-19 18:34 - 000000000 ____D C:\Users\Kato\AppData\Roaming\GlarySoft
2021-05-22 19:33 - 2019-03-11 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-22 19:21 - 2020-05-08 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-05-22 16:14 - 2020-02-19 17:29 - 000000000 ____D C:\Users\Kato\AppData\Local\Kolor
2021-05-22 16:14 - 2020-02-19 17:28 - 000000000 ____D C:\Program Files\Kolor
2021-05-22 16:10 - 2020-10-09 11:14 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-22 16:08 - 2019-10-05 11:52 - 000000000 ____D C:\Temp

==================== Archivos en la raíz de algunos directorios ========

2020-05-07 13:10 - 2020-05-07 13:10 - 000000604 ____H () C:\Program Files (x86)\_Z2
2018-12-14 20:04 - 2019-05-22 16:23 - 000001845 _____ () C:\Users\Kato\AppData\Local\oobelibMkey.log
2019-02-20 17:59 - 2019-02-20 19:28 - 000000093 _____ () C:\Users\Kato\AppData\Local\X-Plane 11 Preferences.prf
2019-02-20 19:14 - 2020-10-23 20:01 - 000000037 _____ () C:\Users\Kato\AppData\Local\X-Plane Installer.prf
2019-02-20 19:14 - 2020-10-23 20:05 - 000000112 _____ () C:\Users\Kato\AppData\Local\X-Plane_drm_11.prf
2019-02-20 18:00 - 2019-02-20 18:00 - 000000016 _____ () C:\Users\Kato\AppData\Local\x-plane_install_11.txt
2019-06-27 17:31 - 2020-10-23 20:03 - 000000102 _____ () C:\Users\Kato\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

The addition.txt. For the record, if security or antimalware programs show up, it is because a little over a month ago I disinfected my computer through this forum.

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (21-06-2021 17:49:29)
Ejecutado desde C:\Users\Kato\Desktop
Windows 10 Pro Versión 2004 19041.1052 (X64) (2020-10-11 14:43:03)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1141238596-2014631217-894586651-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1141238596-2014631217-894586651-503 - Limited - Disabled)
Invitado (S-1-5-21-1141238596-2014631217-894586651-501 - Limited - Disabled)
Kato (S-1-5-21-1141238596-2014631217-894586651-1001 - Administrator - Enabled) => C:\Users\Kato
WDAGUtilityAccount (S-1-5-21-1141238596-2014631217-894586651-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.12 - Razer Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_3) (Version: 13.0.3 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
ASUS PCE-AC56 WLAN Card Utilities/Driver (HKLM-x32\...\{FD792656-6D10-4876-AB24-A845232B7527}) (Version: 2.1.3.8 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
Discord (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FiveM (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\CitizenFX_FiveM) (Version:  - The CitizenFX Collective)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Macrium Reflect Free Edition (HKLM\...\{9AA26274-9F90-4E5F-9CC7-C3698D4BE301}) (Version: 7.3.5672 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.12 - MSI)
NBP ColourmapX version 1.5.0 (HKLM-x32\...\{A440258D-EC79-4A9B-89C5-FB7E06F2F4A0}_is1) (Version: 1.5.0 - Nino Batista Photography)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH)
paint.net (HKLM\...\{7ADB1B05-39DE-4888-A72D-D1F3A791D45F}) (Version: 4.2.12 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Revo Uninstaller Pro 4.4.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Software Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\WhatsApp) (Version: 2.2123.7 - WhatsApp)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2021-05-21] (Adobe Systems Incorporated)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-29] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.2.0_x64__8wekyb3d8bbwe [2021-06-11] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1141238596-2014631217-894586651-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2020-03-25] (Microsoft Corporation) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Kato\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Módulos cargados (Lista blanca) =============

2018-08-14 18:07 - 2018-08-14 18:07 - 000169472 _____ () [Archivo no firmado] C:\Program Files\Outfox\libuv.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000168960 _____ () [Archivo no firmado] C:\Program Files\Outfox\websockets.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000022528 _____ () [Archivo no firmado] C:\Program Files\Outfox\WinDivert.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 001830400 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\GamingCoreLib.dll
2018-08-14 18:17 - 2018-08-14 18:17 - 000359424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxWindows.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 000295424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\RedirectLibrary.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000073728 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\cares.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000359936 _____ (The cURL library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\libcurl.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 002265088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\LIBEAY32.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000383488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\SSLEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

SearchScopes: HKU\S-1-5-21-1141238596-2014631217-894586651-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)


Hay 7938 más sitios.


Hay 7938 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-06-16 18:54 - 2021-06-21 17:32 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\aircrack-ng-1.6-win\bin
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kato\Pictures\fondo definitivo.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "Krisp"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Puntos de Restauración =========================

16-06-2021 19:05:18 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
16-06-2021 19:15:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
17-06-2021 16:45:44 Instalador de Módulos de Windows
17-06-2021 17:02:21 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/21/2021 05:35:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0x1090
Hora de inicio de la aplicación con errores: 0x01d766b2f676acaf
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: 353efd7a-4381-43fe-9e0a-9d54d75031a0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/21/2021 05:29:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (06/21/2021 05:28:32 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {95c64ddc-f6e0-4f3e-8d0f-287eb62348f6}

Error: (06/18/2021 08:17:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Taskmgr.exe (versión 10.0.19041.844) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: acc

Hora de Inicio: 01d7646e245c69d0

Hora de finalización: 5

Ruta de la aplicación: C:\Windows\System32\Taskmgr.exe

Id. de informe: 7e0714d0-692a-46d5-a36f-ed9c9ad340ab

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-thread

Error: (06/18/2021 08:17:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa mmc.exe (versión 10.0.19041.746) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1894

Hora de Inicio: 01d7646d84ae4fa7

Hora de finalización: 579

Ruta de la aplicación: C:\Windows\System32\mmc.exe

Id. de informe: 045d4f23-d393-4f9d-a075-261fd2305c5f

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Cross-thread

Error: (06/18/2021 08:11:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mmc.exe, versión: 10.0.19041.746, marca de tiempo: 0x52055893
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.19041.1023, marca de tiempo: 0x924f9cdb
Código de excepción: 0x00000000
Desplazamiento de errores: 0x0000000000034b89
Identificador del proceso con errores: 0x3794
Hora de inicio de la aplicación con errores: 0x01d7646d1a68bd70
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\mmc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 2ba56a1d-5a9c-418a-b5a2-e206d4f8af95
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/18/2021 08:02:09 PM) (Source: MsiInstaller) (EventID: 11719) (User: DESKTOP-KLCJ84U)
Description: Product: TinyWall -- Error 1719. The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Error: (06/18/2021 05:32:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0xf78
Hora de inicio de la aplicación con errores: 0x01d7645711cabbe7
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: c6bd6023-2ce0-4db8-950c-b0c9aa6293df
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (06/21/2021 05:37:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Check Point Sandblast Agent Updater depende del servicio Check Point Sandblast Agent Cipolla, el cual no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Sandblast Agent Cipolla no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point SandBlast Agent Threat Emulation no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Endpoint Remediation no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:37:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Check Point Sandblast Agent Cipolla no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:36:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/21/2021 05:34:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio ZA NET ICM Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (06/21/2021 05:34:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio ZAARUpdateService no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
================
Date: 2021-06-17 18:11:53
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E0A2279A-B58A-4B92-9EBD-E0F9A03FCCA7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-16 18:32:47
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {9F83EAB1-07DD-4FEC-A2AE-4530397E250A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-14 18:29:24
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {FC7B9169-461D-4E43-9BE7-62105817AB87}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-13 20:51:04
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {59BBC60B-1FAA-4AC1-8059-6DB4C6A1DDDF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-05-26 16:19:19
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2021-05-26T14:19:19.236Z
Usuario: DESKTOP-KLCJ84U\Kato
Ruta de acceso: \Device\Harddisk1\DR1
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.339.601.0
Versión del motor: 1.1.18100.6
Versión del producto: 4.18.2104.10

Date: 2021-06-19 11:40:34
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.341.914.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18200.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2021-06-13 17:09:40
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18200.4
Versión de motor anterior: 1.1.18100.6
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

CodeIntegrity:
===============
Date: 2021-06-18 17:22:51
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1.00 06/27/2018
Placa base: Micro-Star International Co., Ltd B450 GAMING PLUS (MS-7B86)
Procesador: AMD Ryzen 5 2600 Six-Core Processor 
Porcentaje de memoria en uso: 23%
RAM física total: 16335.26 MB
RAM física disponible: 12514.84 MB
Virtual total: 28335.26 MB
Virtual disponible: 22623.14 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:667.51 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:149.12 GB) NTFS

\\?\Volume{cd464440-c406-4f54-9ed8-9c78cdc84762}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{816f243e-e65d-49ff-bb14-9d747dacf149}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AD8A6695)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0A110421)

Partition: GPT.

==================== Final de Addition.txt =======================

Hello, @Kato

:zero: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any other security program you have running.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the right version for your computer's architecture (32 or 64 bits). :arrow_forward: How to tell whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:one: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Tick only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy the code/lines inside the box below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it appears to have frozen. Do not touch it and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode.

:warning: Very Important :warning: Post the report I have asked for as shown in the following image:

:one: UNINSTALLING PROGRAMS

For the programs where I tell you: you can remove them. Do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the program-uninstallation part of its manual.

Remove all the programs that Revo finds with the names: Check Point and ZoneAlarm.

That is, the following:

Check Point SBA
ZoneAlarm Anti-Ransomware

These must end up completely uninstalled.

Finally, apart from the FIXLOG, tell me whether you were able to remove both programs or whether you ran into any problem.

Regards.

I have now carried out both procedures. I am pasting the fixlog here. As for Revo Uninstaller, it has now let me uninstall the two programs you mentioned without any problem.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (22-06-2021 17:28:05) Run:2
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}\\SystemComponent" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B8C3231-9818-4CB9-8213-4AB839836791}\\SystemComponent" => eliminado correctamente

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud super¢ el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19086644 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1049175 B
Edge => 0 B
Chrome => 426748852 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 5368 B
Kato => 32629108 B

RecycleBin => 183280 B
EmptyTemp: => 469.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:30:23 ====
1 like
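Added example (not part of the thread and not code from FRST): a small Python triage of a Fixlog like the one above, splitting it into its `========= command =========` sections and flagging the ones that report a failure or ask for a reboot. The function names, the failure phrases (taken from this log's Spanish output) and the shortened sample log are assumptions made for the illustration.

```python
import re

# Constructed sample, modelled on the Fixlog layout shown in this thread
# (Spanish FRST output, shortened; the registry path is a placeholder).
SAMPLE_FIXLOG = r"""
El punto de restauración fue creado correctamente.
"HKLM\SOFTWARE\Example\{PLACEHOLDER-GUID}\\SystemComponent" => eliminado correctamente

========= ipconfig /flushdns =========

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========

========= ipconfig /renew =========

Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud superó el tiempo de espera.

========= Final de CMD: =========

========= netsh int ipv4 reset =========

Interfaz se restableció correctamente.
Error al restablecer .
Acceso denegado.

Reinicie el equipo para completar esta acción.

========= Final de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\Example\\DefaultConnectionSettings" => eliminado correctamente

========= Final de RemoveProxy: =========
"""

# Section headers look like "========= <name> =========".
HEADER = re.compile(r"^=+ (.+?) =+$")
# ASCII-only phrases, so they still match when accented letters are mis-encoded.
FAILURE = re.compile(r"Error al|Acceso denegado|No se puede", re.IGNORECASE)
REBOOT = re.compile(r"reinici", re.IGNORECASE)


def triage_fixlog(text):
    """Map each section name to its failure lines and a reboot-required flag.

    Lines outside any section (before the first header or after a
    "Final de ..." marker) are ignored.
    """
    results = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        match = HEADER.match(line)
        if match:
            name = match.group(1).rstrip(":")
            if name.startswith("Final de"):
                current = None          # end-of-section marker
            else:
                current = name
                results[current] = {"failures": [], "reboot": False}
            continue
        if current is None or not line:
            continue
        if FAILURE.search(line):
            results[current]["failures"].append(line)
        if REBOOT.search(line):
            results[current]["reboot"] = True
    return results


def needs_attention(results):
    """Names of the sections that logged at least one failure line."""
    return sorted(name for name, r in results.items() if r["failures"])


if __name__ == "__main__":
    report = triage_fixlog(SAMPLE_FIXLOG)
    for section, info in report.items():
        status = "FAIL" if info["failures"] else "ok"
        reboot = " (reboot required)" if info["reboot"] else ""
        print(f"{status:4} {section}{reboot}")
        for line in info["failures"]:
            print(f"       {line}")
```
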

Hello @Kato

Perfect :+1:. We are on the right track to eradicate it completely. But there is still a little left to do. Bring me a couple of fresh FRST logs. To do so:

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the version that matches your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super Important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. A window will appear with a Disclaimer/Responsabilidad message; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt; these will be saved on the desktop.

:three: Re-enable your antivirus and any security program you have enabled. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you receive an error/warning message saying that the report making up the message is too long (more than 50,000 characters approx.).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (Antivirus, Antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:warning: Very Important :warning: Post the different reports I have asked for as shown in the following image:

Regards.

Hello @MIXU, sorry for the delay, I have been quite busy. Here I paste the addition.txt.

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 20-06-2021
Ejecutado por Kato (25-06-2021 13:25:29)
Ejecutado desde C:\Users\Kato\Desktop
Windows 10 Pro Versión 20H2 19042.1052 (X64) (2020-10-11 14:43:03)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1141238596-2014631217-894586651-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1141238596-2014631217-894586651-503 - Limited - Disabled)
Invitado (S-1-5-21-1141238596-2014631217-894586651-501 - Limited - Disabled)
Kato (S-1-5-21-1141238596-2014631217-894586651-1001 - Administrator - Enabled) => C:\Users\Kato
WDAGUtilityAccount (S-1-5-21-1141238596-2014631217-894586651-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.12 - Razer Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_3) (Version: 13.0.3 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS PCE-AC56 WLAN Card Utilities/Driver (HKLM-x32\...\{FD792656-6D10-4876-AB24-A845232B7527}) (Version: 2.1.3.8 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Discord (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Macrium Reflect Free Edition (HKLM\...\{9AA26274-9F90-4E5F-9CC7-C3698D4BE301}) (Version: 7.3.5672 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.12 - MSI)
NBP ColourmapX version 1.5.0 (HKLM-x32\...\{A440258D-EC79-4A9B-89C5-FB7E06F2F4A0}_is1) (Version: 1.5.0 - Nino Batista Photography)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH)
paint.net (HKLM\...\{7ADB1B05-39DE-4888-A72D-D1F3A791D45F}) (Version: 4.2.12 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Revo Uninstaller Pro 4.4.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Software Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\WhatsApp) (Version: 2.2123.7 - WhatsApp)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2021-05-21] (Adobe Systems Incorporated)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-29] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.2.0_x64__8wekyb3d8bbwe [2021-06-11] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1141238596-2014631217-894586651-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2020-03-25] (Microsoft Corporation) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Kato\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Módulos cargados (Lista blanca) =============

2018-08-14 18:07 - 2018-08-14 18:07 - 000169472 _____ () [Archivo no firmado] C:\Program Files\Outfox\libuv.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000168960 _____ () [Archivo no firmado] C:\Program Files\Outfox\websockets.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000022528 _____ () [Archivo no firmado] C:\Program Files\Outfox\WinDivert.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 001830400 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\GamingCoreLib.dll
2018-08-14 18:17 - 2018-08-14 18:17 - 000359424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxWindows.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 000295424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\RedirectLibrary.dll
2020-04-19 11:28 - 2020-04-19 11:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-19 11:28 - 2020-04-19 11:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000073728 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\cares.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000359936 _____ (The cURL library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\libcurl.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 002265088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\LIBEAY32.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000383488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\SSLEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

SearchScopes: HKU\S-1-5-21-1141238596-2014631217-894586651-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

Hay 7938 más sitios.

Hay 7938 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-06-16 18:54 - 2021-06-22 17:29 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\aircrack-ng-1.6-win\bin
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kato\Pictures\fondo definitivo.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "Krisp"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Puntos de Restauración =========================

23-06-2021 21:35:11 Instalador de Módulos de Windows
23-06-2021 21:41:46 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/24/2021 12:23:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AdobeNotificationClient.exe, versión: 4.9.0.484, marca de tiempo: 0x5d0b467b
Nombre del módulo con errores: AdobeNotificationClient.exe, versión: 4.9.0.484, marca de tiempo: 0x5d0b467b
Código de excepción: 0x80000003
Desplazamiento de errores: 0x0000b311
Identificador del proceso con errores: 0x2b40
Hora de inicio de la aplicación con errores: 0x01d768e2e6b28a9a
Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
Ruta de acceso del módulo con errores: C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
Identificador del informe: aa1dda16-c933-4d1e-ab16-734af413df0f
Nombre completo del paquete con errores: AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc
Identificador de aplicación relativa del paquete con errores: App

Error: (06/24/2021 12:21:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (06/24/2021 12:19:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0x10cc
Hora de inicio de la aplicación con errores: 0x01d768e2535f909d
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: a1ca4b15-b080-43a6-adbb-a71ae422e57f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/23/2021 09:44:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Nombre del módulo con errores: OriginWebHelperService.exe, versión: 10.5.56.33908, marca de tiempo: 0x5dd474e2
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00098210
Identificador del proceso con errores: 0xffc
Hora de inicio de la aplicación con errores: 0x01d7686826d7452f
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Origin\OriginWebHelperService.exe
Identificador del informe: 4483292b-f978-4436-a817-698a4b622f32
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/23/2021 09:41:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service Check Point Sandblast Agent Updater since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (06/23/2021 09:41:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service Check Point Sandblast Agent Cipolla since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (06/23/2021 09:35:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service Check Point Sandblast Agent Updater since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (06/23/2021 09:35:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddWin32ServiceFiles: Unable to back up image of service Check Point Sandblast Agent Cipolla since QueryServiceConfig API failed

System Error:
El sistema no puede encontrar el archivo especificado.
.


Errores del sistema:
=============
Error: (06/25/2021 01:08:20 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-KLCJ84U)
Description: Se agotó el tiempo de espera de la activación de Windows.Media.Capture.AppCaptureManager de CLSID esperando que el servicio BcastDVRUserService_233b118 se detuviera.

Error: (06/24/2021 02:14:02 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KLCJ84U)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_d774f con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (06/24/2021 02:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_d774f no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/24/2021 02:14:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de usuario de difusión y GameDVR_d774f.

Error: (06/24/2021 02:14:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/24/2021 02:14:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/24/2021 02:14:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/24/2021 02:14:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
================
Date: 2021-06-25 13:22:07
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {F777279D-8875-448E-811F-725E3C4F4790}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-KLCJ84U\Kato

Date: 2021-06-17 18:11:53
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {E0A2279A-B58A-4B92-9EBD-E0F9A03FCCA7}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-16 18:32:47
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {9F83EAB1-07DD-4FEC-A2AE-4530397E250A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-14 18:29:24
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {FC7B9169-461D-4E43-9BE7-62105817AB87}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-13 20:51:04
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {59BBC60B-1FAA-4AC1-8059-6DB4C6A1DDDF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-19 11:40:34
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.341.914.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18200.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2021-06-13 17:09:40
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.341.668.0
Versión anterior de inteligencia de seguridad: 1.339.1690.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18200.4
Versión anterior del motor: 1.1.18100.6
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-13 17:09:38
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18200.4
Versión de motor anterior: 1.1.18100.6
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

CodeIntegrity:
===============
Date: 2021-06-18 17:22:51
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1.00 06/27/2018
Placa base: Micro-Star International Co., Ltd B450 GAMING PLUS (MS-7B86)
Procesador: AMD Ryzen 5 2600 Six-Core Processor 
Porcentaje de memoria en uso: 27%
RAM física total: 16335.26 MB
RAM física disponible: 11835.23 MB
Virtual total: 28335.26 MB
Virtual disponible: 21124.2 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:670.62 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:149.27 GB) NTFS

\\?\Volume{cd464440-c406-4f54-9ed8-9c78cdc84762}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{816f243e-e65d-49ff-bb14-9d747dacf149}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AD8A6695)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0A110421)

Partition: GPT.

==================== Final de Addition.txt =======================

And here is the frst.txt.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 20-06-2021
Ejecutado por Kato (administrador) sobre DESKTOP-KLCJ84U (Micro-Star International Co., Ltd MS-7B86) (25-06-2021 13:22:45)
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Platform: Windows 10 Pro Versión 20H2 19042.1052 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(A-Volute SAS -> A-Volute) C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Kato\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(Razer USA Ltd. -> Razer) C:\Windows\System32\RZSurroundService.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1263288 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33249248 2021-06-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-18] (Google LLC -> Google LLC)
Startup: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-02-15]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1107FD95-1674-47EF-8890-1C23C61B53BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1884DE9A-711A-4A13-8671-A5E95375B555} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20575B82-DCD7-4773-986B-FE0AECC2CBC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {23540AF3-1A8B-4221-9242-88AC060CFE12} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {299A1A0C-0F4E-4A9B-B08E-AC9A334779A9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32DEDA83-8032-4003-9A37-2CFBAA3BDFCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F50D582-E7D3-4CF6-931A-BBBB0B62A6C9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4FB9F71D-761D-4B73-9CAE-79DE63EF2E95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A7ACFEC-F16D-46CE-9C9B-890705C75662} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6613746E-FE4F-4C4D-AC32-D4767079D1F0} - System32\Tasks\Opera scheduled Autoupdate 1556210451 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe
Task: {6FA4C3B9-56B3-4D11-A0EF-F23C6ED0E92D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {767411EB-45E2-4BA2-A55B-09A0336174AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CED1376-07FB-481B-AC03-1187C2F21296} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FE5C3DC-E12C-4133-A63E-523A0D9FDEF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {93857FD6-22A2-4123-860E-6334CF1E76C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F39D603-A8C4-468A-905F-22F641881E8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5386B2C-158F-4D2A-84BC-CFC96EB7CBE3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACD1F798-2A1B-4A6C-B858-B62BD06C37AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B4D2944E-22CF-44CE-BE08-603D7F668980} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA587BC9-524C-4BE0-A6CA-FBB4279B1BD5} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {BEEC3812-F976-48EB-8CE6-4F342D764175} - System32\Tasks\PCEAC56WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC56 WLAN Card Utilities\WlanMgr.exe
Task: {C207B42D-D566-423B-9783-0A9F94653E8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34A6D8E-A941-45A0-A5A6-FB69F38FC765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFEF923D-9C46-4380-BEA9-0569E5E5A0E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {D1213EB2-0E81-4034-BDEF-2F26B2B8A0E2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1EA8B80-A303-405C-A1C6-03F43E840F8A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4B7CD4D-3E36-4BCB-9155-027756FF1CF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {DC456497-91BB-4F6E-91C0-C7EF8515B6B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {EF51945A-D5CF-49C8-9EC5-7DFA72FE38D5} - System32\Tasks\Opera scheduled assistant Autoupdate 1556210454 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kato\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EFCA8F5C-03C5-4B85-BA5F-2685DF724E53} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0FBCE0C-770D-4B67-BDC2-52A203E75A69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F6E25429-CBD8-4593-9519-0A03E887276D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F7263E59-A6CF-46A6-897D-C536222EE5B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{541d6c36-cce2-43fc-a544-deceaf7a6643}: [DhcpNameServer] 192.168.46.242
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{846c7fb7-9d7f-498e-b28d-19c799bd18f7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b0752e0e-5596-4ed5-ac64-200cd47d5898}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{df4dd499-8be6-4291-bec1-b8b3b1f4ba54}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39

Edge: 
=======
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default [2021-06-25]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-11]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Documentos) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-11]
CHR Extension: (Google Drive) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-25]
CHR Extension: (Google Maps) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhkaebcjjhencmpkapnbdaogjamfbcj [2021-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-21]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-21]
CHR HKLM\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM-x32\...\Chrome\Extension: [nofdpbenickbjghcdhapegiimmdinblo]
CHR HKLM-x32\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-29] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Outfox; C:\Program Files\Outfox\OutfoxService.exe [128512 2018-08-14] (Golden Frog, GmbH) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-10] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CPEFR; "C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 RemediationService; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe" [X]
S2 TESvc; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s [X]
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174728 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 ardrv; \??\C:\Users\Kato\AppData\Local\Temp\ardrv.sys [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-25 13:22 - 2021-06-25 13:24 - 000030027 _____ C:\Users\Kato\Desktop\FRST.txt
2021-06-22 17:50 - 2021-06-22 17:50 - 020385120 _____ (Famatech Corp. ) C:\Users\Kato\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2021-06-22 17:04 - 2021-06-22 17:05 - 000000000 ____D C:\Users\Kato\Documents\Image-Line
2021-06-22 17:03 - 2021-06-22 17:03 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-06-22 17:03 - 2021-06-22 17:03 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-06-22 17:02 - 2021-06-22 17:02 - 000001882 _____ C:\Users\Kato\Desktop\FL Studio 20.lnk
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files\Common Files\VST2
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2021-06-22 16:58 - 2021-06-22 17:03 - 000000000 ____D C:\Program Files\Image-Line
2021-06-22 16:53 - 2021-06-22 16:54 - 973680760 _____ (Image-Line) C:\Users\Kato\Downloads\flstudio_win_20.8.3.2304.exe
2021-06-21 17:26 - 2021-06-21 17:26 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-21 17:24 - 2021-06-21 17:24 - 000781312 _____ C:\Users\Kato\Desktop\Delfix_1.013.exe
2021-06-21 17:17 - 2021-06-25 13:23 - 000000000 ____D C:\FRST
2021-06-21 17:16 - 2021-06-21 17:16 - 002300416 _____ (Farbar) C:\Users\Kato\Desktop\FRST64.exe
2021-06-20 12:07 - 2021-06-20 12:20 - 000091610 _____ C:\Users\Kato\Desktop\SystemLook.txt
2021-06-19 11:44 - 2021-06-19 11:44 - 000165376 _____ C:\Users\Kato\Desktop\SystemLook_x64.exe
2021-06-17 19:08 - 2021-06-17 19:08 - 010482312 _____ C:\WINDOWS\cpepmon.mlf
2021-06-17 17:49 - 2021-06-17 17:50 - 000000000 ____D C:\AdwCleaner
2021-06-17 17:48 - 2021-06-17 17:48 - 008534696 _____ (Malwarebytes) C:\Users\Kato\Downloads\adwcleaner_8.2.exe
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-17 17:37 - 2021-06-17 17:37 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-17 17:37 - 2021-06-17 17:37 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-17 17:36 - 2021-06-17 17:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-17 17:36 - 2021-06-17 17:36 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-17 17:36 - 2021-06-17 17:36 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-17 17:36 - 2021-06-17 17:36 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-17 17:36 - 2021-06-17 17:36 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-17 17:35 - 2021-06-17 17:35 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-17 17:35 - 2021-06-17 17:35 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-17 17:35 - 2021-06-17 17:35 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-17 17:34 - 2021-06-17 17:34 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-16 18:54 - 2021-06-16 18:54 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2021-06-16 16:46 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-16 16:38 - 2021-06-09 16:14 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001453328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001192720 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 002106128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001590544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001514768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000811792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-16 16:37 - 2021-06-09 16:13 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 007434016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-16 16:37 - 2021-06-09 16:11 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-16 16:37 - 2021-06-09 16:10 - 006159144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-16 16:37 - 2021-06-09 05:58 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-15 16:45 - 2021-06-15 17:05 - 3426484224 _____ C:\Users\Kato\Downloads\kali-linux-2021.2-virtualbox-i386.ova
2021-06-15 16:39 - 2021-06-15 17:09 - 000000000 ____D C:\Users\Kato\VirtualBox VMs
2021-06-15 16:36 - 2021-06-15 16:36 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\Program Files\Oracle
2021-06-15 16:36 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-06-15 16:36 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-06-15 16:33 - 2021-06-15 16:34 - 108114104 _____ (Oracle Corporation) C:\Users\Kato\Downloads\VirtualBox-6.1.22-144080-Win.exe
2021-06-15 16:14 - 2020-01-26 00:42 - 000000000 ____D C:\Users\Kato\Downloads\aircrack-ng-1.6-win
2021-06-13 20:23 - 2021-06-16 18:52 - 000000000 ____D C:\Users\Kato\.VirtualBox
2021-06-13 20:23 - 2021-06-16 18:46 - 000000000 ____D C:\ProgramData\VirtualBox
2021-06-13 20:18 - 2021-06-13 20:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-13 20:18 - 2021-06-13 20:18 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-13 20:17 - 2021-06-13 20:17 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-13 20:16 - 2021-06-13 20:16 - 002080712 _____ (Malwarebytes) C:\Users\Kato\Downloads\MBSetup.exe
2021-06-12 22:44 - 2021-06-13 11:33 - 001299116 _____ C:\WINDOWS\Minidump\061221-32015-01.dmp
2021-06-10 18:56 - 2021-06-10 19:01 - 002580556 _____ C:\WINDOWS\Minidump\061021-44562-01.dmp
2021-05-30 16:19 - 2021-06-13 11:34 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-30 16:19 - 2021-05-30 16:23 - 001217756 _____ C:\WINDOWS\Minidump\053021-34328-01.dmp
2021-05-30 16:18 - 2021-06-12 22:44 - 1037373645 _____ C:\WINDOWS\MEMORY.DMP
2021-05-28 20:42 - 2021-05-28 20:42 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Users\Kato\AppData\Local\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-05-28 20:42 - 2021-05-28 20:42 - 000000000 ____D C:\Program Files\VS Revo Group
2021-05-28 20:42 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2021-05-28 20:41 - 2021-05-28 20:41 - 016525224 _____ (VS Revo Group ) C:\Users\Kato\Downloads\RevoUninProSetup.exe
2021-05-28 17:21 - 2021-05-28 17:21 - 000002689 _____ C:\Users\Kato\Desktop\Google Maps.lnk

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-06-25 13:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-25 13:15 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Roaming\discord
2021-06-25 12:44 - 2019-10-03 19:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-25 12:37 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\Discord
2021-06-25 12:35 - 2018-11-11 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-24 19:28 - 2020-10-11 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-24 19:18 - 2020-10-11 16:41 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2EDE850B-4BB9-488A-92CD-0EDD412A80D9}
2021-06-24 19:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-24 18:14 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\WhatsApp
2021-06-24 16:04 - 2020-10-11 16:34 - 000811696 _____ C:\WINDOWS\system32\perfh019.dat
2021-06-24 16:04 - 2020-10-11 16:34 - 000200100 _____ C:\WINDOWS\system32\perfc019.dat
2021-06-24 16:04 - 2020-10-11 16:32 - 000005852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-24 16:04 - 2019-12-07 16:55 - 000976642 _____ C:\WINDOWS\system32\perfh00A.dat
2021-06-24 16:04 - 2019-12-07 16:55 - 000212822 _____ C:\WINDOWS\system32\perfc00A.dat
2021-06-24 12:23 - 2018-12-24 19:23 - 000000000 ____D C:\Users\Kato\AppData\Local\CrashDumps
2021-06-24 12:18 - 2021-05-24 18:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-24 12:18 - 2020-10-11 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-23 21:50 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-23 21:49 - 2020-07-17 15:26 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-23 21:49 - 2020-07-17 15:26 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-23 21:49 - 2018-11-11 19:26 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-23 21:42 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-22 17:31 - 2020-10-11 16:21 - 000000000 ____D C:\Users\Kato
2021-06-22 17:26 - 2018-10-20 15:51 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA Corporation
2021-06-22 17:25 - 2021-05-22 20:00 - 000000252 _____ C:\DelFix.txt
2021-06-21 19:28 - 2018-11-10 16:17 - 000000000 ____D C:\Users\Kato\AppData\Local\ElevatedDiagnostics
2021-06-21 17:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-21 17:32 - 2018-10-30 20:31 - 000000000 ____D C:\Users\Kato\AppData\LocalLow\Temp
2021-06-21 17:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-20 12:45 - 2021-05-23 18:02 - 000000000 ____D C:\Users\Kato\AppData\Local\WhatsApp
2021-06-20 12:45 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\SquirrelTemp
2021-06-18 17:25 - 2020-10-11 16:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1141238596-2014631217-894586651-1001
2021-06-18 17:25 - 2020-10-11 16:21 - 000002394 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-18 17:25 - 2018-11-10 16:16 - 000000000 ___RD C:\Users\Kato\OneDrive
2021-06-18 17:18 - 2021-05-14 17:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-17 19:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-17 19:10 - 2020-10-11 16:15 - 000529144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-17 19:06 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-17 16:45 - 2020-08-27 12:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 16:45 - 2018-11-12 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-17 16:41 - 2018-11-12 16:55 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-16 16:48 - 2018-12-09 12:35 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA
2021-06-13 20:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-13 17:19 - 2018-11-10 15:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-12 21:10 - 2019-02-14 21:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files\Rockstar Games
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-06-10 19:02 - 2020-09-22 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 16:55 - 2018-11-10 16:14 - 000000000 ____D C:\Users\Kato\AppData\Local\Packages
2021-06-09 16:13 - 2021-04-24 17:55 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-09 16:10 - 2020-09-12 19:19 - 007212216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-09 05:58 - 2020-09-12 19:22 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-08 20:22 - 2018-10-20 11:13 - 000000000 ____D C:\Users\Kato\AppData\Local\UnrealEngine
2021-06-07 20:56 - 2018-11-11 18:12 - 000000000 ____D C:\Users\Kato\AppData\Local\PlaceholderTileLogoFolder
2021-06-07 20:56 - 2018-11-10 17:11 - 000000000 ____D C:\ProgramData\Packages
2021-06-01 19:15 - 2018-10-17 16:57 - 000000000 ____D C:\Users\Kato\AppData\Local\D3DSCache
2021-06-01 16:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-28 17:21 - 2021-01-23 15:55 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome

==================== Archivos en la raíz de algunos directorios ========

2020-05-07 13:10 - 2020-05-07 13:10 - 000000604 ____H () C:\Program Files (x86)\_Z2
2018-12-14 20:04 - 2019-05-22 16:23 - 000001845 _____ () C:\Users\Kato\AppData\Local\oobelibMkey.log
2019-02-20 17:59 - 2019-02-20 19:28 - 000000093 _____ () C:\Users\Kato\AppData\Local\X-Plane 11 Preferences.prf
2019-02-20 19:14 - 2020-10-23 20:01 - 000000037 _____ () C:\Users\Kato\AppData\Local\X-Plane Installer.prf
2019-02-20 19:14 - 2020-10-23 20:05 - 000000112 _____ () C:\Users\Kato\AppData\Local\X-Plane_drm_11.prf
2019-02-20 18:00 - 2019-02-20 18:00 - 000000016 _____ () C:\Users\Kato\AppData\Local\x-plane_install_11.txt
2019-06-27 17:31 - 2020-10-23 20:03 - 000000102 _____ () C:\Users\Kato\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Hi there, @Kato

You're forgiven.

First of all, I also want to apologize, since lately I have very little time to dedicate to the forum. In any case, I will stay with your case to the end, until it is solved. Even if I take quite a while to reply, I won't leave you stranded.

From what I can see, in the past (not long ago) you had infections on your machine. Is that correct?

Right, that said, let's get to it.

:zero: QUESTIONS

Do you recognize these IPs: 195.175.39.40 and 195.175.39.39?

They belong to: Turk Telekomunikasyon Anonim Sirketi (turktelekom.com.tr). Do they ring a bell, or is it normal for them to be related to your machine? Does that ISP sound familiar? :thinking: :thinking:

Do you recognize these CHROME extensions: miockbgloklamfiklogjaohlgekodeok and obhdbhpjhfncnelcpknkffpdmpdcjpep?

If you don't recognize them, follow the different procedures described in this guide: https://www.howtogeek.com/140464/how-to-manually-uninstall-a-globally-installed-chrome-extension/

Until you have found out exactly what they are, do this for both and tell me what both extensions are (or what information you get about them, and pass it on to me). For now, carry out those procedures but without uninstalling them.

The one you will have to uninstall is the following extension: nofdpbenickbjghcdhapegiimmdinblo, since this one does belong to ZoneAlarm.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as administrator.)

  • Tick only the Create registry backup box and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box below into Notepad.
START
SystemRestore: On
CREATERESTOREPOINT:
CLOSEPROCESSES:
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Ningún archivo]
CHR HKLM-x32\...\Chrome\Extension: [nofdpbenickbjghcdhapegiimmdinblo]
S2 CPEFR; "C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe" [X]
S2 RemediationService; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe" [X]
S2 TESvc; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s [X]
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 ardrv; \??\C:\Users\Kato\AppData\Local\Temp\ardrv.sys [X] <==== ATENCIÓN
FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
C:\Program Files (x86)\CheckPoint
C:\WINDOWS\System32\DRIVERS\cpbak.sys
C:\WINDOWS\system32\drivers\epnetflt.sys
C:\WINDOWS\system32\drivers\epregflt.sys
C:\Users\Kato\AppData\Local\Temp\ardrv.sys

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The above repair script is customized for the specific machine it was made for and was written specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized, specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (If you use Windows Vista/7/8 or 10, right-click and select Run as administrator).

  2. Click Fix/Corregir and wait for the process to finish. Don't do anything with the PC while it is carrying out these repairs, even if it seems to have hung. Don't touch it, and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while, and tell me how the problem you originally described is doing.

:warning: Very Important :warning: Post the report I asked for as shown in the following image:

report

Regards.

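As an added example (not part of the original post and not a tool used in this thread), the following Python script performs the "identify before uninstalling" step for the three extension IDs in a read-only way: it reads each extension's manifest.json from the Chrome profile and checks the machine-wide HKLM registration keys. The function names are hypothetical and the default-profile path is an assumption; the registry lookup only runs on Windows.

```python
import json
import os
import re
from pathlib import Path

# Chrome extension IDs are 32 characters drawn from the letters a-p.
EXT_ID = re.compile(r"[a-p]{32}")
# Machine-wide registration points under HKLM (Windows only).
HKLM_ID_SUBKEYS = [r"SOFTWARE\Google\Chrome\Extensions",
                   r"SOFTWARE\Wow6432Node\Google\Chrome\Extensions"]
HKLM_FORCELIST = r"SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist"


def resolve_name(version_dir, manifest):
    """Return the display name, following a __MSG_key__ placeholder into _locales."""
    name = manifest.get("name", "")
    placeholder = re.fullmatch(r"__MSG_(.+)__", name)
    if not placeholder:
        return name
    wanted = placeholder.group(1).lower()  # message keys are case-insensitive
    for locale in filter(None, (manifest.get("default_locale"), "en", "en_US")):
        path = Path(version_dir) / "_locales" / locale / "messages.json"
        try:
            messages = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue
        for key, entry in messages.items():
            if key.lower() == wanted:
                return entry.get("message", name)
    return name  # unresolved: report the placeholder rather than guess


def profile_extensions(extensions_root):
    """Map each extension ID unpacked under a profile's Extensions folder to its manifest facts."""
    found = {}
    root = Path(extensions_root)
    if not root.is_dir():
        return found
    for ext_dir in root.iterdir():
        if not (ext_dir.is_dir() and EXT_ID.fullmatch(ext_dir.name)):
            continue
        for version_dir in sorted(ext_dir.iterdir(), reverse=True):  # one folder per version
            try:
                text = (version_dir / "manifest.json").read_text(encoding="utf-8-sig")
                manifest = json.loads(text)
            except (OSError, ValueError):
                continue
            found[ext_dir.name] = {"name": resolve_name(version_dir, manifest),
                                   "version": manifest.get("version"),
                                   "permissions": manifest.get("permissions", [])}
            break
    return found


def machine_wide_ids():
    """Return {id: [registry locations]} from HKLM; empty where winreg is unavailable."""
    try:
        import winreg
    except ImportError:  # not running on Windows
        return {}
    ids = {}
    for sub in HKLM_ID_SUBKEYS + [HKLM_FORCELIST]:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, sub) as key:
                subkeys, values, _ = winreg.QueryInfoKey(key)
                # Extensions keys: one subkey per ID. Policy key: values "<id>;<update_url>".
                names = [winreg.EnumKey(key, i) for i in range(subkeys)]
                names += [str(winreg.EnumValue(key, i)[1]).split(";")[0] for i in range(values)]
        except OSError:  # key absent or unreadable
            continue
        for ext_id in names:
            if EXT_ID.fullmatch(ext_id):
                ids.setdefault(ext_id, []).append("HKLM\\" + sub)
    return ids


def identify(ids, extensions_root, registry_ids=None):
    """Read-only report of where each ID of interest is present and what it calls itself."""
    unpacked = profile_extensions(extensions_root)
    registry = machine_wide_ids() if registry_ids is None else registry_ids
    report = {}
    for ext_id in ids:
        info = unpacked.get(ext_id, {})
        report[ext_id] = {"in_profile": bool(info), "name": info.get("name"),
                          "permissions": info.get("permissions", []),
                          "registry": registry.get(ext_id, [])}
    return report


if __name__ == "__main__":
    # Assumption: Chrome's default profile (other profiles use "Profile N" folders).
    base = Path(os.environ.get("LOCALAPPDATA", ""), "Google", "Chrome", "User Data")
    asked = ["miockbgloklamfiklogjaohlgekodeok", "obhdbhpjhfncnelcpknkffpdmpdcjpep",
             "nofdpbenickbjghcdhapegiimmdinblo"]  # the three IDs named in the post
    for ext_id, row in identify(asked, base / "Default" / "Extensions").items():
        print(ext_id, row)
```

An ID that shows up under a registry key but not in the profile is registered machine-wide without being unpacked for this user, which is the case the linked guide covers.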

Hi @MIXU. I'll answer your questions one by one. As for the past infection, that's correct, I had one about 2 months ago. Regarding the IPs, no idea, I don't recognize them at all and they have no relation to my machine. I don't recognize the extensions you mentioned, and because I didn't read to the end I deleted them (my mistake, I apologize :sweat:). As for the next extension, nofdpbenickbjghcdhapegiimmdinblo, I wasn't able to find it by any of the methods on the page you sent me. Finally, here is the fixlog.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 04-07-2021
Ejecutado por Kato (05-07-2021 14:28:04) Run:3
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
SystemRestore: On
CREATERESTOREPOINT:
CLOSEPROCESSES:
GroupPolicy: Restricción ? <==== ATENCIÓN
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restricción <==== ATENCIÓN
Edge Extension: (Sin Nombre) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [no encontrado]
Edge Extension: (Sin Nombre) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [no encontrado]
Edge Extension: (Sin Nombre) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [no encontrado]
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=3 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: @chbrowserupdate.com/Chromium Update;version=9 -> C:\Program Files (x86)\Chromium\Update\1.3.99.0\npChromiumUpdate3.dll [Ningún archivo]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [Ningún archivo]
CHR HKLM-x32\...\Chrome\Extension: [nofdpbenickbjghcdhapegiimmdinblo]
S2 CPEFR; "C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe" [X]
S2 RemediationService; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe" [X]
S2 TESvc; "C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe" -s [X]
S2 ZA NET ICM Service; "C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe" [X]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 ardrv; \??\C:\Users\Kato\AppData\Local\Temp\ardrv.sys [X] <==== ATENCIÓN
FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} =>  -> Ningún archivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> Ningún archivo
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]
C:\Program Files (x86)\CheckPoint
C:\WINDOWS\System32\DRIVERS\cpbak.sys
C:\WINDOWS\system32\drivers\epnetflt.sys
C:\WINDOWS\system32\drivers\epregflt.sys
C:\Users\Kato\AppData\Local\Temp\ardrv.sys

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\ProgramData\NTUSER.pol => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Policies\Google => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Edge => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => eliminado correctamente
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => eliminado correctamente
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@chbrowserupdate.com/Chromium Update;version=3 => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@chbrowserupdate.com/Chromium Update;version=9 => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nofdpbenickbjghcdhapegiimmdinblo => eliminado correctamente
HKLM\System\CurrentControlSet\Services\CPEFR => eliminado correctamente
CPEFR => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RemediationService => eliminado correctamente
RemediationService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\TESvc => eliminado correctamente
TESvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ZA NET ICM Service => eliminado correctamente
ZA NET ICM Service => servicio eliminado correctamente
cpbak => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\cpbak => eliminado correctamente
cpbak => servicio eliminado correctamente
epnetflt => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\epnetflt => eliminado correctamente
epnetflt => servicio eliminado correctamente
epregflt => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\epregflt => eliminado correctamente
epregflt => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ardrv => eliminado correctamente
ardrv => servicio eliminado correctamente
"FW: ZoneAlarm Firewall (Disabled) {841A2C1E-F526-E32F-8E57-7FBF8B0698E4}" => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ReflectShellExt => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => eliminado correctamente
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ReflectShellExt => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => eliminado correctamente
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente
"C:\Program Files (x86)\CheckPoint" => no encontrado
C:\WINDOWS\System32\DRIVERS\cpbak.sys => movido correctamente
C:\WINDOWS\system32\drivers\epnetflt.sys => movido correctamente
C:\WINDOWS\system32\drivers\epregflt.sys => movido correctamente
"C:\Users\Kato\AppData\Local\Temp\ardrv.sys" => no encontrado

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
están desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud superó el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43283192 B
Java, Flash, Steam htmlcache => 8761395 B
Windows/system/drivers => 54561656 B
Edge => 0 B
Chrome => 429076383 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 54346 B
Kato => 99912769 B

RecycleBin => 73773824 B
EmptyTemp: => 687.6 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 14:30:19 ====

Regards.
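As an added example (not part of the thread and not FRST's own code), this Python script triages a Spanish-language Fixlog like the one above: it skips the echoed fixlist, tallies each `=>` outcome, and lists the "no encontrado" targets and the command errors that deserve a second look. The function names are hypothetical, and the embedded sample is a shortened excerpt of the log in this post.

```python
import re
from collections import Counter

# Shortened excerpt of the Spanish-language Fixlog posted in this thread.
SAMPLE_FIXLOG = r'''fixlist contenido:
*****************
START
Edge Extension: (Sin Nombre) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [no encontrado]
C:\Program Files (x86)\CheckPoint
CMD: ipconfig /renew
END
*****************

HKLM\SOFTWARE\Policies\Google => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nofdpbenickbjghcdhapegiimmdinblo => eliminado correctamente
cpbak => Servicio detenido correctamente.
cpbak => servicio eliminado correctamente
"C:\Program Files (x86)\CheckPoint" => no encontrado
C:\WINDOWS\System32\DRIVERS\cpbak.sys => movido correctamente
"C:\Users\Kato\AppData\Local\Temp\ardrv.sys" => no encontrado

========= ipconfig /renew =========

Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el

========= Final de CMD: =========

========= netsh int ipv4 reset =========

Error al restablecer .
Acceso denegado.

========= Final de CMD: =========

El sistema necesita reiniciarse.

==== Final de Fixlog 14:30:19 ====
'''

# Result phrases as FRST prints them in Spanish; the most specific comes first.
OUTCOMES = [
    ("no encontrado", "not_found"),
    ("movido correctamente", "moved"),
    ("detenido correctamente", "stopped"),
    ("eliminado correctamente", "removed"),
    ("completado", "done"),
]
SECTION = re.compile(r"^=+\s+(.+?)\s+=+$")           # e.g. "========= netsh winsock reset ========="
FAILURE = re.compile(r"^(Error\b|Acceso denegado)")  # failure lines inside command output


def classify(outcome):
    """Map the text after '=>' to a short outcome label."""
    text = outcome.lower()
    for phrase, label in OUTCOMES:
        if phrase in text:
            return label
    return "other"


def triage_fixlog(text):
    """Summarise a Fixlog: outcome counts plus the items that need a follow-up."""
    lines = text.splitlines()
    # FRST echoes the fixlist between two rows of asterisks; results start after the second.
    stars = [i for i, line in enumerate(lines) if set(line.strip()) == {"*"}]
    body = lines[stars[1] + 1:] if len(stars) >= 2 else lines
    counts, not_found, errors = Counter(), [], []
    section, reboot = None, False
    for raw in body:
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            name = header.group(1)
            section = None if name.startswith("Final de") else name
        elif FAILURE.match(line):
            errors.append((section, line))
        elif " => " in line:
            target, outcome = line.split(" => ", 1)
            label = classify(outcome)
            counts[label] += 1
            if label == "not_found":
                not_found.append(target.strip('"'))
        elif "reinici" in line.lower():  # "necesita reiniciarse", "Debe reiniciar", "Reinicie"
            reboot = True
    return {"counts": dict(counts), "not_found": not_found,
            "errors": errors, "reboot_required": reboot}


if __name__ == "__main__":
    result = triage_fixlog(SAMPLE_FIXLOG)
    print(result["counts"])
    for target in result["not_found"]:
        print("not found:", target)
    for section, line in result["errors"]:
        print(f"error in [{section}]: {line}")
    print("reboot required:", result["reboot_required"])
```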

OK. So I see I was right. I saw remnants of disinfection tools, as well as various machine policies blocked, very probably by malware, and some small detail that led me to that conclusion.

OK to everything. Now do this again:

Regards.

Hi, here are the reports. First, the frst.txt.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 04-07-2021
Ejecutado por Kato (administrador) sobre DESKTOP-KLCJ84U (Micro-Star International Co., Ltd MS-7B86) (06-07-2021 13:57:19)
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Platform: Windows 10 Pro Versión 20H2 19042.1081 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(A-Volute SAS -> A-Volute) C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer) C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe
(Razer USA Ltd. -> Razer) C:\Windows\System32\RZSurroundService.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1263288 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33249248 2021-06-14] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-03] (Google LLC -> Google LLC)
Startup: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2019-02-15]
ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1107FD95-1674-47EF-8890-1C23C61B53BE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1884DE9A-711A-4A13-8671-A5E95375B555} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20575B82-DCD7-4773-986B-FE0AECC2CBC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {23540AF3-1A8B-4221-9242-88AC060CFE12} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {299A1A0C-0F4E-4A9B-B08E-AC9A334779A9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F98D97F-C15A-48F7-AC5E-8683E3C3336B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F50D582-E7D3-4CF6-931A-BBBB0B62A6C9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4FB9F71D-761D-4B73-9CAE-79DE63EF2E95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A7ACFEC-F16D-46CE-9C9B-890705C75662} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6613746E-FE4F-4C4D-AC32-D4767079D1F0} - System32\Tasks\Opera scheduled Autoupdate 1556210451 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe
Task: {6FA4C3B9-56B3-4D11-A0EF-F23C6ED0E92D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {705B166B-50C3-410D-9FF8-E804EC7D1B09} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A1A86FF-1F35-40E0-A1FD-8FC251B7EB87} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FE5C3DC-E12C-4133-A63E-523A0D9FDEF9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {93857FD6-22A2-4123-860E-6334CF1E76C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F39D603-A8C4-468A-905F-22F641881E8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0B23AF3-8B23-4D50-96F8-3064C9E13A76} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5386B2C-158F-4D2A-84BC-CFC96EB7CBE3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACD1F798-2A1B-4A6C-B858-B62BD06C37AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {BA587BC9-524C-4BE0-A6CA-FBB4279B1BD5} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [30648 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {BEEC3812-F976-48EB-8CE6-4F342D764175} - System32\Tasks\PCEAC56WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC56 WLAN Card Utilities\WlanMgr.exe
Task: {C207B42D-D566-423B-9783-0A9F94653E8C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C34A6D8E-A941-45A0-A5A6-FB69F38FC765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFEF923D-9C46-4380-BEA9-0569E5E5A0E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {D1213EB2-0E81-4034-BDEF-2F26B2B8A0E2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D4B7CD4D-3E36-4BCB-9155-027756FF1CF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-11] (Google Inc -> Google Inc.)
Task: {D5D8EB39-8D1D-4988-8CE6-22415B5CF488} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC456497-91BB-4F6E-91C0-C7EF8515B6B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {EF51945A-D5CF-49C8-9EC5-7DFA72FE38D5} - System32\Tasks\Opera scheduled assistant Autoupdate 1556210454 => C:\Users\Kato\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kato\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F0BF6343-A695-430A-8583-F26632B7498A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0FBCE0C-770D-4B67-BDC2-52A203E75A69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F6E25429-CBD8-4593-9519-0A03E887276D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {F7263E59-A6CF-46A6-897D-C536222EE5B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{541d6c36-cce2-43fc-a544-deceaf7a6643}: [DhcpNameServer] 192.168.46.242
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{846c7fb7-9d7f-498e-b28d-19c799bd18f7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b0752e0e-5596-4ed5-ac64-200cd47d5898}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{df4dd499-8be6-4291-bec1-b8b3b1f4ba54}: [DhcpNameServer] 212.166.210.82 212.166.132.104
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default [2021-07-06]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-11]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-23]
CHR Extension: (Documentos) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-11]
CHR Extension: (Google Drive) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-11]
CHR Extension: (Hojas de cálculo) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-11]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-25]
CHR Extension: (Google Maps) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhkaebcjjhencmpkapnbdaogjamfbcj [2021-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-02]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-21]
CHR Profile: C:\Users\Kato\AppData\Local\Google\Chrome\User Data\System Profile [2021-06-21]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [miockbgloklamfiklogjaohlgekodeok]
CHR HKLM-x32\...\Chrome\Extension: [obhdbhpjhfncnelcpknkffpdmpdcjpep]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-02-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7462200 2021-07-03] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675376 2021-03-29] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2466608 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3344176 2019-11-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 Outfox; C:\Program Files\Outfox\OutfoxService.exe [128512 2018-08-14] (Golden Frog, GmbH) [Archivo no firmado]
R2 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-02] (Razer USA Ltd. -> Razer)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [2219416 2021-06-10] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzSndSrv; C:\WINDOWS\system32\RZSurroundService.exe [353520 2019-11-11] (Razer USA Ltd. -> Razer)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395360 2021-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Archivo no firmado]
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-07-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-25] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslaf94bd91; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{50A0DE8C-AD84-4CA8-805B-22555349B850}\MpKslDrv.sys [107752 2021-07-05] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-01-17] (A-Volute -> Windows (R) Win 7 DDK provider)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 Spybot3ELAM; C:\WINDOWS\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R3 sRZVAD; C:\WINDOWS\System32\drivers\RZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174728 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-06 13:57 - 2021-07-06 13:58 - 000027316 _____ C:\Users\Kato\Desktop\FRST.txt
2021-07-05 14:32 - 2021-07-05 14:32 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-07-05 14:28 - 2021-07-05 14:30 - 000014535 _____ C:\Users\Kato\Desktop\Fixlog.txt
2021-07-05 14:26 - 2021-07-05 14:26 - 000000252 _____ C:\Users\Kato\Desktop\DelFix.txt
2021-06-28 14:11 - 2021-06-28 14:11 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-06-28 14:11 - 2021-06-28 14:11 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-28 14:11 - 2021-06-28 14:11 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-28 14:11 - 2021-06-28 14:11 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-28 14:11 - 2021-06-28 14:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-28 14:11 - 2021-06-28 14:11 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-28 14:11 - 2021-06-28 14:11 - 000011333 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-28 14:10 - 2021-06-28 14:10 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-28 14:10 - 2021-06-28 14:10 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-28 14:10 - 2021-06-28 14:10 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-28 14:10 - 2021-06-28 14:10 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-28 14:10 - 2021-06-28 14:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-28 13:22 - 2021-06-28 13:22 - 000001934 _____ C:\Users\Kato\Desktop\PC Health Check.lnk
2021-06-28 13:22 - 2021-06-28 13:22 - 000001340 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-06-28 13:22 - 2021-06-28 13:22 - 000000000 ___RD C:\Users\Kato\AppData\Local\PCHealthCheck
2021-06-28 13:20 - 2021-06-28 13:20 - 014114816 _____ C:\Users\Kato\Downloads\WindowsPCHealthCheckSetup.msi
2021-06-25 18:19 - 2021-06-25 18:19 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-22 17:04 - 2021-06-22 17:05 - 000000000 ____D C:\Users\Kato\Documents\Image-Line
2021-06-22 17:03 - 2021-06-22 17:03 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2021-06-22 17:03 - 2021-06-22 17:03 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2021-06-22 17:02 - 2021-06-22 17:02 - 000001882 _____ C:\Users\Kato\Desktop\FL Studio 20.lnk
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files\Common Files\VST2
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2021-06-22 17:02 - 2021-06-22 17:02 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2021-06-22 16:58 - 2021-06-22 17:03 - 000000000 ____D C:\Program Files\Image-Line
2021-06-22 16:53 - 2021-06-22 16:54 - 973680760 _____ (Image-Line) C:\Users\Kato\Downloads\flstudio_win_20.8.3.2304.exe
2021-06-21 17:26 - 2021-06-21 17:26 - 000000000 ____D C:\WINDOWS\ERUNT
2021-06-21 17:24 - 2021-06-21 17:24 - 000781312 _____ C:\Users\Kato\Desktop\Delfix_1.013.exe
2021-06-21 17:17 - 2021-07-06 13:58 - 000000000 ____D C:\FRST
2021-06-21 17:16 - 2021-07-05 14:27 - 002301440 _____ (Farbar) C:\Users\Kato\Desktop\FRST64.exe
2021-06-20 12:07 - 2021-06-20 12:20 - 000091610 _____ C:\Users\Kato\Desktop\SystemLook.txt
2021-06-19 11:44 - 2021-06-19 11:44 - 000165376 _____ C:\Users\Kato\Desktop\SystemLook_x64.exe
2021-06-17 19:08 - 2021-06-17 19:08 - 010482312 _____ C:\WINDOWS\cpepmon.mlf
2021-06-17 17:49 - 2021-06-17 17:50 - 000000000 ____D C:\AdwCleaner
2021-06-17 17:48 - 2021-06-17 17:48 - 008534696 _____ (Malwarebytes) C:\Users\Kato\Downloads\adwcleaner_8.2.exe
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-17 17:37 - 2021-06-17 17:37 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-17 17:37 - 2021-06-17 17:37 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-17 17:36 - 2021-06-17 17:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-17 17:36 - 2021-06-17 17:36 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-17 17:36 - 2021-06-17 17:36 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-17 17:35 - 2021-06-17 17:35 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-17 17:35 - 2021-06-17 17:35 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-17 17:35 - 2021-06-17 17:35 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-17 17:34 - 2021-06-17 17:34 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-16 18:54 - 2021-06-16 18:54 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts
2021-06-16 16:46 - 2021-06-09 05:58 - 000037664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-06-16 16:38 - 2021-06-09 16:14 - 000626976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001453328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-16 16:37 - 2021-06-09 16:18 - 001192720 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-16 16:37 - 2021-06-09 16:18 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000715552 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-16 16:37 - 2021-06-09 16:14 - 000575776 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 002106128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001590544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001514768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000811792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000689936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-16 16:37 - 2021-06-09 16:13 - 000675088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:13 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 007434016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-16 16:37 - 2021-06-09 16:12 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-16 16:37 - 2021-06-09 16:11 - 000848672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-16 16:37 - 2021-06-09 16:10 - 006159144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-16 16:37 - 2021-06-09 05:58 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-15 16:45 - 2021-06-15 17:05 - 3426484224 _____ C:\Users\Kato\Downloads\kali-linux-2021.2-virtualbox-i386.ova
2021-06-15 16:39 - 2021-06-15 17:09 - 000000000 ____D C:\Users\Kato\VirtualBox VMs
2021-06-15 16:36 - 2021-06-15 16:36 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-06-15 16:36 - 2021-06-15 16:36 - 000000000 ____D C:\Program Files\Oracle
2021-06-15 16:36 - 2021-04-28 14:27 - 000187648 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2021-06-15 16:36 - 2021-04-28 14:26 - 001038080 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2021-06-15 16:33 - 2021-06-15 16:34 - 108114104 _____ (Oracle Corporation) C:\Users\Kato\Downloads\VirtualBox-6.1.22-144080-Win.exe
2021-06-15 16:14 - 2020-01-26 00:42 - 000000000 ____D C:\Users\Kato\Downloads\aircrack-ng-1.6-win
2021-06-13 20:23 - 2021-06-16 18:52 - 000000000 ____D C:\Users\Kato\.VirtualBox
2021-06-13 20:23 - 2021-06-16 18:46 - 000000000 ____D C:\ProgramData\VirtualBox
2021-06-13 20:18 - 2021-07-03 19:55 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-13 20:18 - 2021-07-03 19:55 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-13 20:17 - 2021-07-03 19:54 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-13 20:17 - 2021-06-13 20:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-13 20:16 - 2021-06-13 20:16 - 002080712 _____ (Malwarebytes) C:\Users\Kato\Downloads\MBSetup.exe
2021-06-12 22:44 - 2021-06-13 11:33 - 001299116 _____ C:\WINDOWS\Minidump\061221-32015-01.dmp
2021-06-10 18:56 - 2021-06-10 19:01 - 002580556 _____ C:\WINDOWS\Minidump\061021-44562-01.dmp
2021-06-09 18:35 - 2021-06-09 18:35 - 020018660 _____ C:\Users\Kato\Downloads\PodCast (Karla y Alejandro).mp4

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-07-06 13:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-06 13:48 - 2019-10-03 19:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-07-06 13:38 - 2020-10-11 16:41 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2EDE850B-4BB9-488A-92CD-0EDD412A80D9}
2021-07-06 13:38 - 2018-11-11 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-06 13:37 - 2020-10-11 16:34 - 000845712 _____ C:\WINDOWS\system32\perfh019.dat
2021-07-06 13:37 - 2020-10-11 16:34 - 000232580 _____ C:\WINDOWS\system32\perfc019.dat
2021-07-06 13:37 - 2020-10-11 16:32 - 000005852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-06 13:37 - 2019-12-07 16:55 - 001102146 _____ C:\WINDOWS\system32\perfh00A.dat
2021-07-06 13:37 - 2019-12-07 16:55 - 000250854 _____ C:\WINDOWS\system32\perfc00A.dat
2021-07-05 22:16 - 2020-10-11 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-05 18:07 - 2018-10-20 15:56 - 000000000 _____ C:\Users\Public\Shared Files
2021-07-05 18:02 - 2018-11-24 14:39 - 000000000 ____D C:\Users\Kato\AppData\Roaming\WhatsApp
2021-07-05 16:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-05 16:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-05 14:32 - 2021-05-24 18:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-05 14:32 - 2020-10-11 16:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-05 14:31 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-05 14:29 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-07-05 14:26 - 2021-05-22 20:00 - 000000252 _____ C:\DelFix.txt
2021-07-04 13:28 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Roaming\discord
2021-07-04 13:22 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\Discord
2021-07-04 13:15 - 2020-07-17 15:26 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-04 13:15 - 2020-07-17 15:26 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-07-03 17:45 - 2018-11-11 19:26 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-03 17:18 - 2018-12-24 19:23 - 000000000 ____D C:\Users\Kato\AppData\Local\CrashDumps
2021-06-30 19:01 - 2021-05-14 17:07 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-30 13:16 - 2020-10-11 21:58 - 000003554 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69fdb96f73b
2021-06-30 13:16 - 2020-10-11 16:41 - 000003652 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-29 18:13 - 2020-10-11 16:41 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1141238596-2014631217-894586651-1001
2021-06-29 18:13 - 2020-10-11 16:21 - 000002410 _____ C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-29 18:13 - 2018-11-10 16:16 - 000000000 ___RD C:\Users\Kato\OneDrive
2021-06-29 16:15 - 2021-05-23 18:02 - 000000000 ____D C:\Users\Kato\AppData\Local\WhatsApp
2021-06-29 16:15 - 2018-10-16 17:10 - 000000000 ____D C:\Users\Kato\AppData\Local\SquirrelTemp
2021-06-29 13:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-28 16:12 - 2020-10-11 16:15 - 000529144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-28 14:26 - 2019-12-07 16:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-28 14:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-28 14:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-26 12:49 - 2019-02-14 21:27 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-22 17:31 - 2020-10-11 16:21 - 000000000 ____D C:\Users\Kato
2021-06-22 17:26 - 2018-10-20 15:51 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA Corporation
2021-06-21 19:28 - 2018-11-10 16:17 - 000000000 ____D C:\Users\Kato\AppData\Local\ElevatedDiagnostics
2021-06-21 17:32 - 2018-10-30 20:31 - 000000000 ____D C:\Users\Kato\AppData\LocalLow\Temp
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-17 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-17 16:45 - 2020-08-27 12:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 16:45 - 2018-11-12 16:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-17 16:41 - 2018-11-12 16:55 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-16 16:48 - 2018-12-09 12:35 - 000000000 ____D C:\Users\Kato\AppData\Local\NVIDIA
2021-06-13 20:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-13 17:19 - 2018-11-10 15:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-13 11:34 - 2021-05-30 16:19 - 000000000 ____D C:\WINDOWS\Minidump
2021-06-12 22:44 - 2021-05-30 16:18 - 1037373645 _____ C:\WINDOWS\MEMORY.DMP
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files\Rockstar Games
2021-06-10 19:03 - 2020-05-15 21:05 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-06-10 19:02 - 2020-09-22 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-10 16:55 - 2018-11-10 16:14 - 000000000 ____D C:\Users\Kato\AppData\Local\Packages
2021-06-09 16:13 - 2021-04-24 17:55 - 000656160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-09 16:10 - 2020-09-12 19:19 - 007212216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-09 05:58 - 2020-09-12 19:22 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-06-08 20:22 - 2018-10-20 11:13 - 000000000 ____D C:\Users\Kato\AppData\Local\UnrealEngine
2021-06-07 20:56 - 2018-11-11 18:12 - 000000000 ____D C:\Users\Kato\AppData\Local\PlaceholderTileLogoFolder
2021-06-07 20:56 - 2018-11-10 17:11 - 000000000 ____D C:\ProgramData\Packages

==================== Archivos en la raíz de algunos directorios ========

2020-05-07 13:10 - 2020-05-07 13:10 - 000000604 ____H () C:\Program Files (x86)\_Z2
2018-12-14 20:04 - 2019-05-22 16:23 - 000001845 _____ () C:\Users\Kato\AppData\Local\oobelibMkey.log
2019-02-20 17:59 - 2019-02-20 19:28 - 000000093 _____ () C:\Users\Kato\AppData\Local\X-Plane 11 Preferences.prf
2019-02-20 19:14 - 2020-10-23 20:01 - 000000037 _____ () C:\Users\Kato\AppData\Local\X-Plane Installer.prf
2019-02-20 19:14 - 2020-10-23 20:05 - 000000112 _____ () C:\Users\Kato\AppData\Local\X-Plane_drm_11.prf
2019-02-20 18:00 - 2019-02-20 18:00 - 000000016 _____ () C:\Users\Kato\AppData\Local\x-plane_install_11.txt
2019-06-27 17:31 - 2020-10-23 20:03 - 000000102 _____ () C:\Users\Kato\AppData\Local\X-Plane_xdd_11.prf

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

And here is the Addition.

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 04-07-2021
Ejecutado por Kato (06-07-2021 14:00:01)
Ejecutado desde C:\Users\Kato\Desktop
Windows 10 Pro Versión 20H2 19042.1081 (X64) (2020-10-11 14:43:03)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================


(Si una entrada es incluida en el fixlist, será eliminada.)

Administrador (S-1-5-21-1141238596-2014631217-894586651-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1141238596-2014631217-894586651-503 - Limited - Disabled)
Invitado (S-1-5-21-1141238596-2014631217-894586651-501 - Limited - Disabled)
Kato (S-1-5-21-1141238596-2014631217-894586651-1001 - Administrator - Enabled) => C:\Users\Kato
WDAGUtilityAccount (S-1-5-21-1141238596-2014631217-894586651-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

7.1 Surround Sound (HKLM-x32\...\Razer Surround Sound) (Version: 1.0.1.12 - Razer Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_3) (Version: 13.0.3 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
ASUS PCE-AC56 WLAN Card Utilities/Driver (HKLM-x32\...\{FD792656-6D10-4876-AB24-A845232B7527}) (Version: 2.1.3.8 - ASUS)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Comprobación de estado de PC Windows (HKLM\...\{BFFB10A0-7987-4AF9-8A03-14ECB01CF235}) (Version: 2.3.2106.25001 - Microsoft Corporation)
Discord (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Macrium Reflect Free Edition (HKLM\...\{9AA26274-9F90-4E5F-9CC7-C3698D4BE301}) (Version: 7.3.5672 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes version 4.4.2.123 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.2.123 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\Proplus2019Retail - es-es) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Project - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.12 - MSI)
NBP ColourmapX version 1.5.0 (HKLM-x32\...\{A440258D-EC79-4A9B-89C5-FB7E06F2F4A0}_is1) (Version: 1.5.0 - Nino Batista Photography)
NVIDIA Controlador de audio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 466.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.77 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.56.33908 - Electronic Arts, Inc.)
Outfox (HKLM\...\{D6F22242-0EDB-4505-B1E9-DF536EB7D477}) (Version: 1.6.0 - Golden Frog, GmbH)
paint.net (HKLM\...\{7ADB1B05-39DE-4888-A72D-D1F3A791D45F}) (Version: 4.2.12 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Revo Uninstaller Pro 4.4.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.41.364 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Software Intel® PROSet/Wireless (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
WhatsApp (HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\WhatsApp) (Version: 2.2123.8 - WhatsApp)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2021-05-21] (Adobe Systems Incorporated)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-29] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.201.0_x64__8wekyb3d8bbwe [2021-06-26] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-27] (NVIDIA Corp.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1141238596-2014631217-894586651-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Kato\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b2801df14ec7de03\nvshext.dll [2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2019-04-15] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Archivo no firmado]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2020-03-25] (Microsoft Corporation) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Kato\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\Kato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Módulos cargados (Lista blanca) =============

2018-08-14 18:07 - 2018-08-14 18:07 - 000169472 _____ () [Archivo no firmado] C:\Program Files\Outfox\libuv.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000168960 _____ () [Archivo no firmado] C:\Program Files\Outfox\websockets.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000022528 _____ () [Archivo no firmado] C:\Program Files\Outfox\WinDivert.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 001830400 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\GamingCoreLib.dll
2018-08-14 18:17 - 2018-08-14 18:17 - 000359424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\OutfoxWindows.dll
2018-08-14 18:16 - 2018-08-14 18:16 - 000295424 _____ (Golden Frog, GmbH) [Archivo no firmado] C:\Program Files\Outfox\RedirectLibrary.dll
2020-04-19 11:28 - 2020-04-19 11:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-19 11:28 - 2020-04-19 11:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000073728 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\cares.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000359936 _____ (The cURL library, hxxps://curl.haxx.se/) [Archivo no firmado] C:\Program Files\Outfox\libcurl.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 002265088 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\LIBEAY32.dll
2018-08-14 18:07 - 2018-08-14 18:07 - 000383488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files\Outfox\SSLEAY32.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7888]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

SearchScopes: HKU\S-1-5-21-1141238596-2014631217-894586651-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)


Hay 7938 más sitios.



==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2021-06-16 18:54 - 2021-07-05 14:29 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\aircrack-ng-1.6-win\bin
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kato\Pictures\fondo definitivo.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\StartupFolder: => "Enviar a OneNote.lnk"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1141238596-2014631217-894586651-1001\...\StartupApproved\Run: => "Krisp"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service

==================== Puntos de Restauración =========================

28-06-2021 13:21:00 Installed Windows PC Health Check
28-06-2021 13:39:30 Instalador de Módulos de Windows
28-06-2021 13:51:49 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (07/05/2021 02:31:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (07/05/2021 02:31:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (07/05/2021 02:29:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (07/05/2021 02:28:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {1771ccc6-3ca9-4b16-8135-ffda6291af7b}

Error: (07/03/2021 07:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 4.0.0.1023, marca de tiempo: 0x60be8692
Nombre del módulo con errores: ntdll.dll, versión: 10.0.19041.1081, marca de tiempo: 0x088bf621
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000ff199
Identificador del proceso con errores: 0x2324
Hora de inicio de la aplicación con errores: 0x01d7703453a8a8d4
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: adbff8b5-2a50-4ce8-ad57-2c8a0f51de79
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/03/2021 05:18:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AdobeNotificationClient.exe, versión: 4.9.0.484, marca de tiempo: 0x5d0b467b
Nombre del módulo con errores: AdobeNotificationClient.exe, versión: 4.9.0.484, marca de tiempo: 0x5d0b467b
Código de excepción: 0x80000003
Desplazamiento de errores: 0x0000b311
Identificador del proceso con errores: 0x1d40
Hora de inicio de la aplicación con errores: 0x01d7701ea4a53b16
Ruta de acceso de la aplicación con errores: C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
Ruta de acceso del módulo con errores: C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
Identificador del informe: 63b0ec91-9f5c-43a8-92fa-524a3036e3a8
Nombre completo del paquete con errores: AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc
Identificador de aplicación relativa del paquete con errores: App

Error: (07/03/2021 05:16:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (07/03/2021 05:16:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent


Errores del sistema:
=============
Error: (07/05/2021 10:16:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-KLCJ84U)
Description: Error de DCOM "1053" al intentar iniciar el servicio BcastDVRUserService_68c4ce con argumentos "No disponible" para ejecutar el servidor:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (07/05/2021 10:16:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de usuario de difusión y GameDVR_68c4ce no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (07/05/2021 10:16:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de usuario de difusión y GameDVR_68c4ce.

Error: (07/05/2021 07:10:07 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-KLCJ84U)
Description: Se agotó el tiempo de espera de la activación de Windows.Media.Capture.AppCaptureManager de CLSID esperando que el servicio BcastDVRUserService_68c4ce se detuviera.

Error: (07/05/2021 02:33:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Origin Web Helper Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (07/05/2021 02:33:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Origin Web Helper Service.

Error: (07/05/2021 02:31:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (07/05/2021 02:31:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\System32\bcmihvsrv64.dll


Windows Defender:
================
Date: 2021-07-05 14:45:00
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {08EA3B7A-578A-40E6-B1EB-5834CD2A8FD0}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-07-03 17:44:49
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {C376866F-A4E0-4DF4-A48F-71567698EA83}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-07-03 17:22:28
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {69AE5BF2-6BAB-48D9-A890-BAE55F9DFB94}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-30 18:38:25
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {56A1FE0D-7BCD-4D5D-BD7A-4A65C947259F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-30 12:36:38
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {95C4EDED-C20F-49A4-A3A9-DBAB4945A8F1}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2021-06-30 16:36:24
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.341.1614.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18200.4
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

Date: 2021-06-30 16:36:21
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.343.118.0
Versión anterior de inteligencia de seguridad: 1.341.1614.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18300.4
Versión anterior del motor: 1.1.18200.4
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-30 16:36:21
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 1.343.118.0
Versión anterior de inteligencia de seguridad: 1.341.1614.0
Origen de actualización: Usuario
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 1.1.18300.4
Versión anterior del motor: 1.1.18200.4
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-30 16:36:21
Description: 
Antivirus de Microsoft Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.18300.4
Versión de motor anterior: 1.1.18200.4
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x80070666
Descripción del error: Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2021-06-19 11:40:34
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.341.914.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.18200.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===============
Date: 2021-06-18 17:22:51
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 1.00 06/27/2018
Placa base: Micro-Star International Co., Ltd B450 GAMING PLUS (MS-7B86)
Procesador: AMD Ryzen 5 2600 Six-Core Processor 
Porcentaje de memoria en uso: 23%
RAM física total: 16335.04 MB
RAM física disponible: 12467.38 MB
Virtual total: 28335.04 MB
Virtual disponible: 22310.91 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:663.56 GB) NTFS
Drive d: (SSD) (Fixed) (Total:223.57 GB) (Free:149.25 GB) NTFS

\\?\Volume{cd464440-c406-4f54-9ed8-9c78cdc84762}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{816f243e-e65d-49ff-bb14-9d747dacf149}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: AD8A6695)
Partition 1: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0A110421)

Partition: GPT.

==================== Final de Addition.txt =======================

Hello @Kato,

First of all, I also want to apologize, since lately I have very little time to devote to the forum. In any case, I will stay with your case to the end, until it is solved. Even if I take quite a while to reply, I will not leave you stranded.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as administrator.)

  • Check only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box below into Notepad.
START
SystemRestore: On
CREATERESTOREPOINT:
CLOSEPROCESSES:
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7888]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT). Otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized and specific help. Using scripts from other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it appears to have frozen. Do not touch it, and wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply.

  4. Restart the computer in Normal Mode, check how it runs for a while, and comment on how the problem originally raised is going.

:warning: Very Important :warning: Post the report I asked you for as shown in the following image:

Regards.

I should tell you that this script is a few small repairs/adjustments (of little importance). No traces of ZoneAlarm have been detected any more.

In any case, I want to be 100% sure that EVERYTHING IS OK. So, also since I have little time, once you have done the FRST part, let's go for the acid test.

:one: RULE OUT ZoneAlarm REMNANTS

  • Restart the computer in Normal Mode.

  • Disable your antivirus :arrow_forward: How to temporarily disable an antivirus, and any security program you have enabled.

  • Download SystemLook_32_bits or SystemLook_64_bits to your desktop, depending on the architecture of your operating system.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as administrator.)

Copy and paste the code/lines inside the box below into the program's own window and click Look.

:filefind  
*cpbak*
*epnetflt*
*epregflt*
*ardrv*
*ZoneAlarm*
*CheckPoint*
            
:regfind  
ZoneAlarm
CheckPoint
 
:folderfind
*ZoneAlarm*
*CheckPoint*

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a member of the Staff. If you have a similar problem, please open your own topic to receive personalized and specific help. Using scripts from other systems can cause serious damage to your computer.

  • Wait for the search for possible remnants of the program in question to finish. It can take quite a while, so leave it until it finishes.

  • When it finishes, the file named SystemLook.txt will be created on the DESKTOP; bring it in your next reply.

  • Re-enable your antivirus and any security program you had enabled.

:warning: Very Important :warning: Post the report I asked you for as shown in the following image:

Regards.

P.S.: If I take a while to reply, don't be surprised; I am very short on time and it's normal. But we will follow the case to the end. THERE IS VERY LITTLE LEFT TO FINISH.

Hello @Kato.

How is everything going?

Have you been able to make any progress with the instructions I left you?

Regards.

Hello @MIXU, sorry for the delay, I have been in the village and have spent little time at the computer. As for the fixlog, it ran correctly and I attach it below. The problem is SystemLook: it gets stuck at this stage, Searching for " ", and does not move on, and I don't know what to do. Awaiting your reply. Regards.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 11-07-2021
Ejecutado por Kato (12-07-2021 22:43:58) Run:4
Ejecutado desde C:\Users\Kato\Desktop
Perfiles cargados: Kato
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
SystemRestore: On
CREATERESTOREPOINT:
CLOSEPROCESSES:
Policies: C:\ProgramData\NTUSER.pol: Restricción <==== ATENCIÓN
Tcpip\..\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}: [NameServer] 195.175.39.40,195.175.39.39
Tcpip\..\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}: [NameServer] 195.175.39.40,195.175.39.39,25.0.0.1
Tcpip\..\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}: [NameServer] 195.175.39.40,195.175.39.39
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7888]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

SystemRestore: On => completado
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
C:\ProgramData\NTUSER.pol => movido correctamente
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{00767d0b-a888-463f-8c6c-d7f5f58895a8}\\NameServer" => eliminado correctamente
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7d3cd284-0c5c-4fdd-8227-8b318594b452}\\NameServer" => eliminado correctamente
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e8fd8c29-afac-4f09-a6cd-b2f11378d9d4}\\NameServer" => eliminado correctamente
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Ethernet mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local* 2 mientras los medios
estén desconectados.
Error al renovar la interfaz Wi-Fi 2: no se puede establecer contacto con el
servidor DHCP. La solicitud superó el tiempo de espera.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1141238596-2014631217-894586651-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29682760 B
Java, Flash, Steam htmlcache => 28352943 B
Windows/system/drivers => 70574131 B
Edge => 0 B
Chrome => 426994535 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 37876 B
Kato => 330337220 B

RecycleBin => 67442301 B
EmptyTemp: => 920.3 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 22:45:47 ====