Kaspersky detecta Página web maliciosa cada 1 segundo

Saludos, Llevo peleando contra esta infección por más de un día, todo empezó ayer cuando por equivocación instalé un iso que venia con un exe falso adentro, inmediatamente desmonté la unidad virtual y empezaron los problemas. Kaspersky detecta paginas web maliciosas constantemente, se repite la misma pagina por 4 intentos de acceso y descarga y luego cambia a una pagina nueva con nombres aleatorios. Corrí analisis de malwarebytes, superantispyware y kaspersky en modo seguro y modo normal, borré las infecciones pero el problema persiste. También corrí el ccleaner posterior al uso de estos programas y nada. Sigue el intento de acceso a paginas web con malware. Por suerte kaspersky los bloquea todos.

Adjunto imagen del log: https://ibb.co/z6Ww3NH

No sé como pelear contra esto, Estaré atento a sus sugerencias, Agustin.

Hola @yoed bienvenido al Forospyware

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
• Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo

Gracias por la respuesta, hice sus instrucciones y el problema aun persiste.

Adjunto los reportes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/12/19
Hora del análisis: 11:35
Archivo de registro: 345d8108-1f48-11ea-9130-a81e843434f5.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.781
Versión del paquete de actualización: 1.0.16208
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-KA690AR9\agust

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Cancelado
Objetos analizados: 522829
Amenazas detectadas: 5
Amenazas en cuarentena: 5
Tiempo transcurrido: 9 hr, 10 min, 7 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 1
Trojan.Agent, C:\PROGRAMDATA\WIFISERVICE\WIFISERVICE.EXE, En cuarentena, 475, 459303, , , , 

Módulo: 1
Trojan.Agent, C:\PROGRAMDATA\WIFISERVICE\WIFISERVICE.EXE, En cuarentena, 475, 459303, , , , 

Clave del registro: 1
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WIFIService, En cuarentena, 475, 459303, 1.0.16208, , ame, 

Valor del registro: 1
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WIFIService|IMAGEPATH, En cuarentena, 475, 459303, 1.0.16208, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
Trojan.Agent, C:\PROGRAMDATA\WIFISERVICE\WIFISERVICE.EXE, En cuarentena, 475, 459303, , , , 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-15-2019
# Duration: 00:01:02
# OS:       Windows 10 Home Single Language
# Scanned:  35226
# Detected: 115


***** [ Services ] *****

PUP.Optional.Assistant          Amazon Assistant Service

***** [ Folders ] *****

Adware.ICLoader                 C:\ProgramData\WIFIService
Adware.pokki                    C:\Users\Default\AppData\Local\Host App Service
Adware.pokki                    C:\Users\Public\App Explorer
Adware.pokki                    C:\Users\agust\AppData\Local\Host App Service
Adware.pokki                    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki                    C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\agust\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AmazonAssistant    C:\Program Files (x86)\Amazon\Amazon Assistant
PUP.Optional.DriverAgentPlus    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverAgent Plus
PUP.Optional.Legacy             C:\Program Files\Hola
PUP.Optional.Legacy             C:\Users\agust\AppData\Roaming\Hola

***** [ Files ] *****

Adware.pokki                    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki                    C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Assistant          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
PUP.Optional.Booking            C:\Users\agust\Favorites\Booking.com.url
PUP.Optional.Booking            C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking            C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Legacy             C:\END

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

Adware.pokki                    C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Adware.ICLoader                 HKLM\Software\Wow6432Node\WIFIService
Adware.pokki                    HKCU\Software\App Host Service
Adware.pokki                    HKCU\Software\Host App Service
Adware.pokki                    HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB7E11AA-FBDB-479B-8971-B8B64F732450} 
Adware.pokki                    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Amazon1Button      HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.AmazonAssistant    HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant    HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant    HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant    HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant    HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant    HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.Assistant          HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant          HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.DriverAgentPlus    HKCU\Software\DriverAgent Plus
PUP.Optional.DriverAgentPlus    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverAgent Plus
PUP.Optional.Legacy             HKCU\Software\Hola
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy             HKLM\Software\Hola
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Hola
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}

***** [ Chromium (and derivatives) ] *****

PUP.Optional.AmazonBrowserBar   Amazon Assistant for Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework   Folder   C:\Program Files (x86)\ACER\AOP FRAMEWORK 
Preinstalled.ACERAOPFramework   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent 
Preinstalled.ACERAOPFramework   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353} 
Preinstalled.ACERClear.fiShellExtension   Registry   HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B} 
Preinstalled.ACERClear.fiShellExtension   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B} 
Preinstalled.AcerCareCenter   Folder   C:\Program Files (x86)\ACER\CARE CENTER 
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF8A2BB1-EEA7-49FB-A67F-9C2723CDCCD6}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{905B6BE1-7AC8-4E92-A2C4-38032AAD5A58}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF8A2BB1-EEA7-49FB-A67F-9C2723CDCCD6}  
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent 
Preinstalled.AcerCareCenter   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication 
Preinstalled.AcerCareCenter   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719} 
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCAGENT 
Preinstalled.AcerCareCenter   Task   C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION 
Preinstalled.AcerConfigurationManager   Folder   C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258 
Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51ACA936-C17E-4B65-858B-B40AB7D31C7A}  
Preinstalled.AcerConfigurationManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258 
Preinstalled.AcerConfigurationManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258} 
Preinstalled.AcerConfigurationManager   Task   C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258 
Preinstalled.AcerJumpstart   Folder   C:\Program Files (x86)\ACER\ACER JUMPSTART 
Preinstalled.AcerJumpstart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90} 
Preinstalled.AcerPortal   Folder   C:\Program Files (x86)\ACER\ACER PORTAL 
Preinstalled.AcerPortal   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13} 
Preinstalled.AcerQuickAccess   Folder   C:\Program Files\ACER\ACER QUICK ACCESS 
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54B73AC5-EEA8-494C-9F42-24CA00F48226}  
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3F696AE-2687-4DA0-BBB0-03C9F2908770}  
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button 
Preinstalled.AcerQuickAccess   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access 
Preinstalled.AcerQuickAccess   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF} 
Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\POWER BUTTON 
Preinstalled.AcerQuickAccess   Task   C:\Windows\System32\Tasks\QUICK ACCESS 
Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK 
Preinstalled.AcerUEIPFramework   Folder   C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR 
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{745568D9-A7C4-4B13-9B8F-C689F92089C9}  
Preinstalled.AcerUEIPFramework   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService 
Preinstalled.AcerUEIPFramework   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7} 
Preinstalled.AcerUEIPFramework   Task   C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE 
Preinstalled.AcerUpdater   Folder   C:\ProgramData\ACER\ACER UPDATER 
Preinstalled.AcerabBox   Registry   HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68} 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDGAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES 
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES\APP 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App 
Preinstalled.WildTangentGamesBundle   Registry   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 
Preinstalled.WildTangentGamesBundle   Registry   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Hola

El reporte de AdwCleaner es del escaneo, mandaste a cuarentena lo que detectó? Si no es así vuelve a ejecutarlo antes de realizar lo siguiente.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Si lo mandé a cuarentena.

Adjunto los scans:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by agust (administrator) on LAPTOP-KA690AR9 (Acer Aspire E5-575G) (16-12-2019 12:02:38)
Running from C:\Users\agust\Downloads
Loaded Profiles: agust (Available Profiles: agust)
Platform: Windows 10 Home Single Language Version 1903 18362.535 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
(Kaspersky Lab -> ) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Kristjan Skutta -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\agust\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.306\WsAppService3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506352 2018-10-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [adc_launcher] => C:\Program Files (x86)\FreeStyle Libre\adc_launcher.exe [211456 2018-12-05] (Abbott Diabetes Care) [File not signed]
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3289040 2019-12-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe [411912 2016-12-22] (Kaspersky Lab -> )
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [Discord] => C:\Users\agust\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23871792 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [Spotify] => C:\Users\agust\AppData\Roaming\Spotify\Spotify.exe [21141408 2019-12-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\agust\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3289040 2019-12-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.6\kpm.exe [411912 2016-12-22] (Kaspersky Lab -> )
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [Discord] => C:\Users\agust\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23871792 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [Spotify] => C:\Users\agust\AppData\Roaming\Spotify\Spotify.exe [21141408 2019-12-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [com.squirrel.Teams.Teams] => C:\Users\agust\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03C3BE45-86E6-4FB3-A29C-C8A872E5D669} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {0A4A883C-35B2-4861-92A6-7D958B2F4B35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {10C8FDE2-12D9-4CE9-9371-394CE30D8DCC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {13FC652A-A3F7-442A-8046-A2A50DB72DF4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {18628287-2464-43BE-A1C4-248FB5EE8F5B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {1C4A098F-AEBD-4A70-83BE-544276412A9C} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26A6153F-F711-4A8F-8DFA-F07E744E052D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F99E7F0-8A77-4BC7-B2EA-2035DD7E6DEE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {3C9C7270-47B2-4175-93C8-6FDEA6DCFDA4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F8BDC1F-7322-4E24-A6AE-6C2C168B6C39} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {60605369-88A2-4251-8249-63FB52AE0F5A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60756640-6A37-43D3-86D9-F5472AF43D51} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [647720 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64DA26B5-FC41-4DB7-80CB-CD1934FDEEF6} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81237836-6D00-4469-B96C-6695E5D19AA9} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2018-03-09] (Acer Incorporated -> Acer Incorporated)
Task: {83B6B89B-DD1B-41CB-B88E-514229718861} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {907F1484-2E5D-4B8E-ABF1-3AAA8344AC8D} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {979A8CD0-F369-47C3-AC00-5AA66FA25923} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {9C621C59-EE39-410A-B444-4C0D0F154431} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F03270F-8E4C-4464-809A-4542CEB7A20D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB7F4141-A1F8-41F5-9C1B-CFA4BDF2C8F9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE9A16DE-6A25-4091-8373-4EFB52A77DEC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982568 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0728EC0-5E98-4A5F-A392-D4C39A5E9EBA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1D8B94A-D9A4-4EA3-8F4C-E79B1BF8EE37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B738E7D1-6469-484C-8153-D8F3AF0A73B1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {BCE148F7-8337-4411-9E3C-FF3DC8BD98C1} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe
Task: {C0DD3484-4C1E-423D-8896-B7D960DDD93B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0EB4C35-0CA5-469F-B288-55025663C0CA} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {C26BD332-143B-4011-BDF4-52C9787F90DA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297832 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEF25FA1-47E9-4FD8-9906-4180A4AC1367} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD4B9136-127D-4D4E-A3EC-54C8EA067718} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E943024B-80CD-47C1-88FC-F2CC8E556459} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1109FB9-BC03-461B-9FCA-FFCDBD48753B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1444144 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{67ab03ee-4f9f-4788-a547-c039a90c1d6a}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{bb269ec9-4ae6-48b1-aba4-32a4c887e76d}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{f6dcf980-31b3-495d-9de1-71b17eefc569}: [DhcpNameServer] 40.30.1.66

Internet Explorer:
==================
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-25] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jlj3vueh.default
FF ProfilePath: C:\Users\agust\AppData\Roaming\Mozilla\Firefox\Profiles\jlj3vueh.default [2019-12-16]
FF Homepage: Mozilla\Firefox\Profiles\jlj3vueh.default -> www.google.cl
FF Extension: (Amazon Assistant for Firefox) - C:\Users\agust\AppData\Roaming\Mozilla\Firefox\Profiles\jlj3vueh.default\Extensions\[email protected] [2017-07-25] [Legacy]
FF Extension: (Español (España) Language Pack) - C:\Users\agust\AppData\Roaming\Mozilla\Firefox\Profiles\jlj3vueh.default\Extensions\[email protected] [2017-07-25] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\agust\AppData\Roaming\Mozilla\Firefox\Profiles\jlj3vueh.default\Extensions\[email protected] [2017-07-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-05-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default [2019-12-16]
CHR Extension: (Presentaciones) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-21]
CHR Extension: (YouTube) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-26]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2019-10-03]
CHR Extension: (Hojas de cálculo) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-09-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-07]
CHR Extension: (Kaspersky Protection) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2017-09-30]
CHR Extension: (Kaspersky Password Manager) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2019-09-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Mercury Reader) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2019-12-07]
CHR Extension: (Gmail) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkaoblbjfmcalcjjaifickaoccjmhlal] - hxxps://chrome.google.com/webstore/detail/mkaoblbjfmcalcjjaifickaoccjmhlal
CHR HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mkaoblbjfmcalcjjaifickaoccjmhlal] - hxxps://chrome.google.com/webstore/detail/mkaoblbjfmcalcjjaifickaoccjmhlal
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [414696 2018-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe [74392 2019-10-24] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] (Intel(R) Software Development Products -> )
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [799928 2018-10-28] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2016-11-10] (Intel(R) CN -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-17] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [424080 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-14] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] (Intel(R) Software Development Products -> )
R2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [354808 2019-08-13] (Kristjan Skutta -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.306\WsAppService3.exe [56608 2019-06-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [130336 2019-06-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65960 2018-10-28] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1016496 2018-12-24] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2018-01-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [119904 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-08-03] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2018-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [168760 2018-08-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1059152 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-06-22] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-22] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-22] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-18] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-03-01] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [140928 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2018-01-06] (Kaspersky Lab -> AO Kaspersky Lab)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_7925cf23568a4cac\nvlddmkm.sys [20337080 2018-10-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-07-30] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-10-28] (Realtek Semiconductor Corp. -> Realtek )
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [878528 2018-10-28] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
R3 SynRMIHID; C:\WINDOWS\System32\drivers\SynRMIHID.sys [57432 2018-10-28] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [46584 2017-09-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-16 11:33 - 2019-12-16 11:39 - 000048611 _____ C:\Users\agust\Downloads\Addition.txt
2019-12-16 11:11 - 2019-12-16 12:04 - 000039080 _____ C:\Users\agust\Downloads\FRST.txt
2019-12-16 11:10 - 2019-12-16 12:03 - 000000000 ____D C:\FRST
2019-12-16 11:08 - 2019-12-16 11:08 - 002264064 _____ (Farbar) C:\Users\agust\Downloads\FRST64.exe
2019-12-16 11:08 - 2019-12-16 11:08 - 000000000 ___HD C:\OneDriveTemp
2019-12-15 21:02 - 2019-12-16 10:30 - 000000000 ____D C:\ProgramData\WIFIService
2019-12-15 11:32 - 2019-12-15 20:55 - 000000000 ____D C:\AdwCleaner
2019-12-15 11:31 - 2019-12-15 11:31 - 008218800 _____ (Malwarebytes) C:\Users\agust\Downloads\adwcleaner_8.0.0.exe
2019-12-15 10:25 - 2019-12-15 10:25 - 005659583 _____ (Swearware) C:\Users\agust\Downloads\ComboFix.exe
2019-12-15 10:21 - 2019-12-15 10:23 - 000177090 _____ C:\TDSSKiller.3.1.0.28_15.12.2019_10.21.53_log.txt
2019-12-15 10:21 - 2019-12-15 10:21 - 005054744 _____ (AO Kaspersky Lab) C:\Users\agust\Downloads\tdsskiller.exe
2019-12-15 09:55 - 2019-12-15 09:55 - 000000004 _____ C:\ProgramData\rc.dat
2019-12-15 02:44 - 2019-12-16 10:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-15 02:44 - 2019-12-15 02:44 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-15 02:43 - 2019-12-15 09:58 - 000000000 ____D C:\Program Files\CCleaner
2019-12-15 02:43 - 2019-12-15 02:43 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-15 02:43 - 2019-12-15 02:43 - 000000000 ____D C:\SUPERDelete
2019-12-15 02:43 - 2019-12-15 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-15 02:42 - 2019-12-15 02:42 - 024581800 _____ (Piriform Software Ltd) C:\Users\agust\Downloads\cctrialsetup.exe
2019-12-15 02:39 - 2019-12-15 02:39 - 043607064 _____ (SUPERAntiSpyware) C:\Users\agust\Downloads\SUPERAntiSpywarePro.exe
2019-12-14 20:03 - 2019-12-15 20:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-12-14 20:00 - 2019-12-15 21:00 - 000000000 ____D C:\WINDOWS\pss
2019-12-14 19:53 - 2019-12-14 19:53 - 000000000 ____D C:\Users\agust\AppData\Roaming\DataEraser_Temp
2019-12-14 19:39 - 2019-12-14 19:39 - 000000000 ____D C:\Users\agust\AppData\Local\cache
2019-12-14 19:38 - 2019-12-14 19:38 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-14 19:38 - 2019-12-14 19:38 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-14 19:38 - 2019-12-14 19:38 - 000000000 ____D C:\Users\agust\AppData\Local\mbamtray
2019-12-14 19:38 - 2019-12-14 19:38 - 000000000 ____D C:\Users\agust\AppData\Local\mbam
2019-12-14 19:38 - 2019-12-14 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-14 19:38 - 2019-12-14 19:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-14 19:38 - 2019-12-14 19:37 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-14 19:37 - 2019-12-14 19:37 - 001883976 _____ (Malwarebytes) C:\Users\agust\Downloads\MBSetup-009996.009996.exe
2019-12-14 19:37 - 2019-12-14 19:37 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-14 19:23 - 2019-12-14 19:23 - 000000000 ____D C:\Users\agust\Documents\Wondershare
2019-12-14 19:23 - 2019-12-14 19:23 - 000000000 ____D C:\Users\agust\AppData\Roaming\HYXDevPsnList
2019-12-14 19:23 - 2019-12-14 19:23 - 000000000 ____D C:\Users\agust\AppData\Roaming\dr.extra.config
2019-12-14 19:21 - 2019-12-16 10:34 - 000000004 _____ C:\ProgramData\lock.dat
2019-12-14 19:21 - 2019-12-15 21:21 - 000000052 _____ C:\ProgramData\irw.atsd
2019-12-14 19:21 - 2019-12-14 19:21 - 000000008 _____ C:\ProgramData\ts.dat
2019-12-14 18:30 - 2019-12-14 18:30 - 006112072 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2019-12-14 18:30 - 2019-12-14 18:30 - 000054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys
2019-12-14 18:28 - 2019-12-14 18:37 - 000000000 ___HD C:\Wondershare_DrFone_IOSUnlock
2019-12-14 18:23 - 2019-12-14 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-12-14 18:23 - 2019-12-14 19:23 - 000000000 ____D C:\Users\agust\AppData\Roaming\Wondershare
2019-12-14 18:20 - 2019-12-14 19:59 - 000000000 ____D C:\ProgramData\Wondershare
2019-12-14 18:20 - 2019-12-14 18:21 - 000000000 ____D C:\Program Files (x86)\Wondershare
2019-12-14 18:16 - 2019-06-12 16:48 - 075876888 _____ (Wondershare ) C:\Users\agust\Downloads\Wondershare.Dr.Fone.for.Android.iOS.9.9.10.43.exe
2019-12-12 19:14 - 2019-12-13 15:41 - 000000000 ____D C:\Users\agust\AppData\LocalLow\uTorrent
2019-12-12 16:03 - 2019-12-12 16:03 - 000008161 _____ C:\Users\agust\Downloads\4B4ECD903808E7DBAE8B7068E2482540ACEE9ACB.torrent
2019-12-11 09:32 - 2019-12-11 09:32 - 000204546 _____ C:\Users\agust\Downloads\Control_1_2S2019_1827_pauta.pdf
2019-12-11 09:32 - 2019-12-11 09:32 - 000203480 _____ C:\Users\agust\Downloads\Control_1_2S2019_1826_pauta.pdf
2019-12-11 09:31 - 2019-12-11 09:31 - 000261531 _____ C:\Users\agust\Downloads\Prueba_1_2S2019_Pauta (1).pdf
2019-12-11 09:31 - 2019-12-11 09:31 - 000249807 _____ C:\Users\agust\Downloads\Pauta_Control_2_val (1).pdf
2019-12-11 09:31 - 2019-12-11 09:31 - 000240267 _____ C:\Users\agust\Downloads\Prueba_2_Pauta.pdf
2019-12-11 00:43 - 2019-12-11 00:43 - 000264606 _____ C:\Users\agust\Downloads\Examen_2S2019 _pauta.pdf
2019-12-10 22:28 - 2019-12-10 22:28 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-10 22:28 - 2019-12-10 22:28 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-10 22:28 - 2019-12-10 22:28 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-10 22:28 - 2019-12-10 22:28 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-10 22:28 - 2019-12-10 22:28 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-10 22:28 - 2019-12-10 22:28 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-10 22:28 - 2019-12-10 22:28 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-10 22:28 - 2019-12-10 22:28 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-10 22:28 - 2019-12-10 22:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-10 22:27 - 2019-12-10 22:27 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-10 22:27 - 2019-12-10 22:27 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-10 22:27 - 2019-12-10 22:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-10 22:27 - 2019-12-10 22:27 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-10 22:27 - 2019-12-10 22:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-10 18:37 - 2019-12-10 18:37 - 000562326 _____ C:\Users\agust\Downloads\aUmAt1JSQbs4Xho0.mp4
2019-12-10 16:40 - 2019-12-10 16:40 - 000207993 _____ C:\Users\agust\Downloads\Clase 3 (2).pptx
2019-12-10 16:39 - 2019-12-10 16:40 - 000181081 _____ C:\Users\agust\Downloads\Clase 2 (2).pptx
2019-12-08 18:53 - 2019-12-08 18:53 - 000000000 ____D C:\Users\agust\Games
2019-12-08 18:13 - 2019-12-08 18:13 - 000000222 _____ C:\Users\agust\Desktop\Age of Empires II Definitive Edition.url
2019-12-07 13:40 - 2019-12-07 13:40 - 000001279 _____ C:\Users\agust\Desktop\Aguas Andinas Analisis Financiero.xlsx - Acceso directo.lnk
2019-12-07 13:27 - 2019-12-07 13:27 - 000000000 ____D C:\ProgramData\TP-LINK
2019-12-06 02:15 - 2019-12-06 02:19 - 632468878 _____ C:\Users\agust\Downloads\720.mp4
2019-12-04 21:54 - 2019-12-04 21:54 - 000032662 _____ C:\Users\agust\Downloads\Situación final 1826.xlsx
2019-12-04 13:37 - 2019-12-04 13:37 - 000001535 _____ C:\Users\agust\Desktop\Instalar Kaspersky Secure Connection, versión 20.0.14.1085.lnk
2019-12-03 14:52 - 2019-12-03 14:52 - 013570438 _____ C:\Users\agust\Downloads\BM 10th edition.pdf
2019-12-03 14:52 - 2019-12-03 14:52 - 000420705 _____ C:\Users\agust\Downloads\Clase 1 (1).pptx
2019-12-03 14:52 - 2019-12-03 14:52 - 000207993 _____ C:\Users\agust\Downloads\Clase 3 (1).pptx
2019-12-03 14:52 - 2019-12-03 14:52 - 000181081 _____ C:\Users\agust\Downloads\Clase 2 (1).pptx
2019-12-01 21:14 - 2019-12-01 21:16 - 000000000 ____D C:\Users\agust\Downloads\Hearts.of.Iron.IV.Man.the.Guns.Update.v1.8.0-CODEX
2019-12-01 21:13 - 2019-12-01 21:14 - 000000000 ____D C:\Users\agust\Downloads\Hearts.of.Iron.IV.Man.the.Guns.Update.v1.7.1-CODEX
2019-12-01 20:03 - 2019-12-01 20:38 - 105182658 _____ C:\Users\agust\Downloads\sc5832-HOIIVMTGUpd180.rar
2019-12-01 20:02 - 2019-12-01 20:23 - 065292630 _____ C:\Users\agust\Downloads\sc4051-HOIIVMTGUpd171.rar
2019-12-01 19:57 - 2019-12-01 19:57 - 000018762 _____ C:\Users\agust\Downloads\Hearts.of.Iron.IV.Man.the.Guns.Update.v1.7.0.incl.DLC-CODEX.torrent
2019-11-25 13:46 - 2019-11-25 13:46 - 001273329 _____ C:\Users\agust\Desktop\G19B2T2osespoblete.pdf
2019-11-25 13:42 - 2019-11-25 13:42 - 001273329 _____ C:\Users\agust\Desktop\B2Tarea22019Nov14 poblete oses.pdf
2019-11-24 20:09 - 2019-11-24 20:09 - 000026677 _____ C:\Users\agust\Downloads\Compilado_09_11_1826 (2).xlsx
2019-11-24 17:51 - 2019-11-24 17:51 - 005355349 _____ C:\Users\agust\Downloads\Pauta Prueba 2 Intro a la Micro 201920.pdf
2019-11-24 17:51 - 2019-11-24 17:51 - 002032541 _____ C:\Users\agust\Downloads\Pauta Prueba 1 Corregida.pdf
2019-11-24 17:51 - 2019-11-24 17:51 - 000847622 _____ C:\Users\agust\Downloads\Pauta Contro Acumulativo 3.pdf
2019-11-24 14:16 - 2019-11-24 14:21 - 000000000 ____D C:\Users\agust\AppData\Roaming\Abbott Diabetes Care
2019-11-24 14:01 - 2019-11-24 14:01 - 000002074 _____ C:\Users\Public\Desktop\FreeStyle Libre.lnk
2019-11-24 14:01 - 2019-11-24 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeStyle Libre
2019-11-24 14:00 - 2019-11-24 14:15 - 000000000 ____D C:\ProgramData\Abbott Diabetes Care
2019-11-24 14:00 - 2019-11-24 14:01 - 000000000 ____D C:\Program Files (x86)\FreeStyle Libre
2019-11-24 13:58 - 2019-11-24 14:00 - 050655056 _____ (Abbott Diabetes Care) C:\Users\agust\Downloads\FreeStyleLibreInstaller-OUS1_7161.exe
2019-11-23 19:54 - 2019-11-23 19:54 - 000582045 _____ C:\Users\agust\Downloads\Syllabus Intro Micro 201910 Juan Nagel.pdf
2019-11-22 10:41 - 2019-11-22 10:41 - 000013541 _____ C:\Users\agust\Desktop\MALLA-INGENIERIA-COMERCIAL-UANDES.pdf
2019-11-22 09:29 - 2019-11-22 09:29 - 000522900 _____ C:\Users\agust\Downloads\Control 3_pauta.pdf
2019-11-22 01:09 - 2019-11-22 01:09 - 000476633 _____ C:\Users\agust\Downloads\Prueba 2_pauta (2).pdf
2019-11-21 23:40 - 2019-11-21 23:40 - 000139531 _____ C:\Users\agust\Downloads\Control 1_pauta (2).pdf
2019-11-21 15:56 - 2019-11-21 15:56 - 000852825 _____ C:\Users\agust\Downloads\1S 2017.pdf
2019-11-21 12:10 - 2019-11-21 12:10 - 001706357 _____ C:\Users\agust\Downloads\Documentos escaneados (2).pdf
2019-11-21 12:10 - 2019-11-21 12:10 - 001122212 _____ C:\Users\agust\Downloads\Documentos escaneados (1).pdf
2019-11-21 12:10 - 2019-11-21 12:10 - 000713152 _____ C:\Users\agust\Downloads\Documentos escaneados.pdf
2019-11-19 20:32 - 2019-11-19 20:32 - 001171574 _____ C:\Users\agust\Downloads\Examen_pauta (1).pdf
2019-11-19 19:59 - 2019-11-19 19:59 - 000952699 _____ C:\Users\agust\Downloads\JPAL-caso para imprimir.pdf
2019-11-19 12:09 - 2019-11-19 12:09 - 000247245 _____ C:\Users\agust\Downloads\Apunte Online_Causalidad y Experimentos Aleatorios.pdf
2019-11-18 19:44 - 2019-11-18 19:44 - 000118241 _____ C:\Users\agust\Downloads\La Div Prov supera el mal en Jesus.pdf
2019-11-18 16:11 - 2019-11-18 16:11 - 000578304 _____ C:\Users\agust\Desktop\Tarea 8.pptx
2019-11-18 16:08 - 2019-11-18 16:08 - 000544840 _____ C:\Users\agust\Downloads\Tarea 8.pptx
2019-11-17 11:09 - 2019-11-17 11:09 - 005192280 _____ (Husdawg, LLC) C:\Users\agust\Downloads\Detection (7).exe

el resto de FRST:

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-16 12:00 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-16 11:49 - 2019-09-05 13:04 - 000003534 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2019-12-16 11:48 - 2019-09-22 14:26 - 000000000 ___RD C:\Users\agust\OneDrive - miuandes.cl
2019-12-16 11:48 - 2019-09-05 12:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-16 11:48 - 2017-09-30 13:33 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-16 11:06 - 2019-06-04 21:35 - 000000000 ____D C:\Users\agust\AppData\Local\Spotify
2019-12-16 10:57 - 2017-01-09 18:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-16 10:50 - 2019-06-04 21:34 - 000000000 ____D C:\Users\agust\AppData\Roaming\Spotify
2019-12-16 10:48 - 2017-07-25 21:50 - 000000000 __SHD C:\Users\agust\IntelGraphicsProfiles
2019-12-16 10:46 - 2019-09-05 13:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-16 10:45 - 2019-03-19 01:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-15 22:03 - 2017-09-13 20:12 - 000000000 ____D C:\Users\agust\AppData\Roaming\vlc
2019-12-15 20:58 - 2018-02-20 22:41 - 000000000 ____D C:\Users\agust\AppData\Local\ElevatedDiagnostics
2019-12-15 20:55 - 2019-08-11 16:37 - 000000000 ____D C:\Users\agust\AppData\Roaming\IObit
2019-12-15 20:55 - 2019-08-11 16:37 - 000000000 ____D C:\ProgramData\IObit
2019-12-15 20:55 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-12-15 20:55 - 2018-03-02 12:14 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-12-15 20:55 - 2016-05-05 17:42 - 000000000 ____D C:\Program Files\Acer
2019-12-15 20:55 - 2016-05-05 17:41 - 000000000 ____D C:\ProgramData\Acer
2019-12-15 20:55 - 2016-05-05 17:41 - 000000000 ____D C:\Program Files (x86)\Acer
2019-12-15 10:18 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-15 10:13 - 2019-09-05 12:21 - 000514008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-15 10:09 - 2017-09-23 22:03 - 000000000 ____D C:\Users\agust\AppData\Roaming\TS3Client
2019-12-15 10:09 - 2017-08-17 11:23 - 000000000 ____D C:\Users\agust\AppData\Roaming\uTorrent
2019-12-15 10:09 - 2017-07-26 11:25 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-15 10:07 - 2019-09-06 00:53 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-15 10:07 - 2019-09-04 13:13 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-15 10:07 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-15 10:07 - 2017-07-25 23:38 - 000000000 ____D C:\Users\agust\AppData\Local\CrashDumps
2019-12-15 04:51 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-15 04:46 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 19:56 - 2017-07-26 11:25 - 000000000 ____D C:\Users\agust\AppData\Local\Battle.net
2019-12-14 19:38 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-14 18:30 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-14 17:49 - 2019-09-05 13:04 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{21CC93C2-34AC-47DB-A612-BB437695AF60}
2019-12-14 10:11 - 2017-01-09 16:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-13 15:05 - 2019-05-21 18:24 - 000000000 ____D C:\Users\agust\AppData\Local\BitTorrentHelper
2019-12-13 11:13 - 2017-10-14 14:03 - 000000000 ____D C:\Users\agust\Downloads\The Judge (2014) [1080p]
2019-12-12 22:55 - 2017-08-16 00:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-12 20:15 - 2019-08-11 19:14 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2019-12-12 20:09 - 2017-07-26 11:26 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2019-12-11 19:22 - 2019-09-05 12:46 - 001775182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-11 19:22 - 2019-03-19 08:59 - 000789752 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-11 19:22 - 2019-03-19 08:59 - 000156054 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-11 19:15 - 2017-12-02 11:38 - 000000000 ___RD C:\Users\agust\3D Objects
2019-12-11 19:15 - 2016-02-13 10:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-11 19:07 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 19:07 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 19:07 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 09:32 - 2017-12-02 10:34 - 000000000 ____D C:\Users\agust\AppData\Local\Packages
2019-12-10 22:43 - 2017-07-26 10:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-10 22:37 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-10 22:37 - 2017-07-26 10:16 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-10 20:44 - 2017-10-31 01:33 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-12-10 18:27 - 2019-03-19 01:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-08 18:53 - 2019-09-05 12:33 - 000000000 ____D C:\Users\agust
2019-12-08 18:13 - 2017-07-26 11:43 - 000000000 ____D C:\Users\agust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-12-07 13:43 - 2018-12-08 19:50 - 000000000 ____D C:\Temp
2019-12-01 21:16 - 2019-04-28 00:05 - 000000000 ____D C:\Program Files (x86)\Hearts of Iron IV Man the Guns
2019-11-21 23:13 - 2019-09-05 13:04 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3291108247-1040878164-2135273197-1001
2019-11-21 23:13 - 2019-09-05 12:33 - 000002405 _____ C:\Users\agust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 21:16 - 2017-07-26 03:25 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-21 21:16 - 2017-07-26 03:25 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-20 23:27 - 2019-08-11 16:38 - 000000000 ____D C:\ProgramData\ProductData

==================== Files in the root of some directories ========

2019-12-14 19:21 - 2019-12-16 10:34 - 000000004 _____ () C:\ProgramData\lock.dat
2019-12-15 09:55 - 2019-12-15 09:55 - 000000004 _____ () C:\ProgramData\rc.dat
2019-12-14 19:21 - 2019-12-14 19:21 - 000000008 _____ () C:\ProgramData\ts.dat
2017-07-26 00:04 - 2014-04-16 19:08 - 000658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall245579.exe
2017-07-26 17:03 - 2017-07-26 17:03 - 000000017 _____ () C:\Users\agust\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by agust (16-12-2019 12:08:11)
Running from C:\Users\agust\Downloads
Windows 10 Home Single Language Version 1903 18362.535 (X64) (2019-09-05 16:07:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3291108247-1040878164-2135273197-500 - Administrator - Disabled)
agust (S-1-5-21-3291108247-1040878164-2135273197-1001 - Administrator - Enabled) => C:\Users\agust
DefaultAccount (S-1-5-21-3291108247-1040878164-2135273197-503 - Limited - Disabled)
Invitado (S-1-5-21-3291108247-1040878164-2135273197-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3291108247-1040878164-2135273197-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Actualización de NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Age of Empires III: ESO-Community Patch (HKLM\...\ESO Community Patch_is1) (Version: 5.0.0.2 - ESO Community)
Amazon Assistant (HKLM-x32\...\{6C2156D3-0DE6-406C-9E5F-2048BEDB7452}) (Version: 10.18.0221 - Amazon) <==== ATTENTION
Aplicación Blizzard (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{738276A2-92E7-4313-9E4D-D090F7DA98EC}) (Version: 79.0.3945.10 - Google Inc.)
CPUID CPU-Z 1.80 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Driver Easy 5.6.7 (HKLM\...\DriverEasy_is1) (Version: 5.6.7 - Easeware)
FreeStyle Libre (HKLM-x32\...\FreeStyle Libre 1.0) (Version: 1.0 - Abbott Diabetes Care)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hearts of Iron IV Man the Guns (HKLM-x32\...\Hearts of Iron IV Man the Guns_is1) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6286 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Inviska MKV Extract versión 6.0 (HKLM-x32\...\{215C3EFC-2BE8-4A5A-9A1F-982C15E47CC9}_is1) (Version: 6.0 - Inviska Software)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Password Manager (HKLM-x32\...\{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{D4C3D682-E15A-4A48-A7B7-3F021A525F8F}) (Version: 8.0.6.538 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 29.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 29.0.0 - Moritz Bunkus)
MouseRecorder v1.0.51 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.51 - Bartels Media GmbH)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Panel de control de NVIDIA 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.34 - NVIDIA Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version:  - RAR Password Unlocker, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\Spotify) (Version: 1.1.20.510.g7d28aaaa - Spotify AB)
Spotify (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\Spotify) (Version: 1.1.20.510.g7d28aaaa - Spotify AB)
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
Stata 15 (HKLM-x32\...\{EF43617A-2570-4999-9F4C-DC3937E43B84}) (Version: 15.0 - StataCorp LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 16.0 (HKLM\...\{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)
XviD4PSP 5.10.346.0 (HKLM-x32\...\XviD4PSP5_is1) (Version:  - Winnydows & fcp team)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-15] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-16] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-11] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-31] (Netflix, Inc.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001_Classes\CLSID\{04271989-C4D2-B58A-5D52-C8A87EE676FB} -> [OneDrive - miuandes.cl] => C:\Users\agust\OneDrive - miuandes.cl [2019-09-22 14:26]
CustomCLSID: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\agust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\agust\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxDTCM.dll [2018-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [83456 2010-11-03] (www.helixcommunity.org) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\agust\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\sharepoint.com -> hxxps://alumnosuach-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\sharepoint.com -> hxxps://alumnosuach-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 04:24 - 2015-10-30 04:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745279\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745510\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\agust\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f5d8e27a-b04f-43ab-97a7-0c36a73d7cc6}.png
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\Control Panel\Desktop\\Wallpaper -> C:\Users\agust\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{f5d8e27a-b04f-43ab-97a7-0c36a73d7cc6}.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{60B32F0A-0AB7-4A42-BA43-096B962AC401}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{6507FDBE-14AC-48BA-9EF9-FA6262F84068}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [UDP Query User{65904199-A006-4780-A40B-4A71555B07A8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{C6AF3BF7-EC6C-496C-8D6F-CBC72398F75C}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4E0E3CEE-AE88-4AA2-85FF-181E344733D3}C:\users\agust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\agust\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{4FEF0C3F-31A2-40E4-8D5C-3D4557C01064}C:\users\agust\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\agust\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9E159232-ED40-4038-8A5C-195976AF4F95}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{906980AB-0C89-4FF8-9286-67DE8F086E6A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7817C635-5C1A-4189-8BAC-6E5B1CABFFB4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{6DE811CB-DF6B-416A-815F-B9DD7EEF4C0C}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{43C42461-1184-4A2E-AF4B-D979A3A14C31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5F010205-9282-445B-AB47-DED146360BAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{82E86EEB-5089-4365-BEED-F842CF64CE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{40995C74-92F4-49AE-BA6F-15C145E4A94D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{C90DBCE3-442B-4E72-A6AB-2FB97A0B7737}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFA2ADA4-178D-4C70-B185-6C2A9520FF50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65355D95-E0EE-4F0C-A8F4-B84AA67D3F32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABB7EB96-4B23-4EC2-B722-125FDFD45B59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{94A47B18-A3F7-4F91-9FD4-71DCE137305E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE0730B3-5E72-4648-8E9A-FFC55AF7E5F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{644AED1C-F701-497A-9012-8D170424C119}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13DF1523-D328-404E-BAD7-6ACABD230DB6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50B710B2-E442-453C-A943-B66A436A93BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Empire at War\runme2.exe () [File not signed]
FirewallRules: [{10664DB1-22DB-4A77-A92C-2E138ADE3B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Empire at War\runme2.exe () [File not signed]
FirewallRules: [{0A873012-0BC8-400A-ADFE-923D2D1EA92B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Empire at War\runme.exe () [File not signed]
FirewallRules: [{1937FC97-B257-49A3-B47A-F68CFEBC6518}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Empire at War\runme.exe () [File not signed]
FirewallRules: [{2A33E631-591C-4EAC-9968-BA192C1AB0BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A70511FF-BE46-484F-B79D-C62D86494F80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A9A4DF27-9CDB-4BF1-853C-7C81332B3B32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{763C07F0-271E-4993-895E-85FB6E1CD41E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{0B40B612-6D12-4290-A302-DA60914ACBF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{D289030E-76D3-4646-A8A6-B553FB413DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{AADDC934-2F02-4F14-8E60-232FE077A12F}] => (Allow) C:\Users\agust\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5844BE98-45CA-4027-9841-C481571D09DE}] => (Allow) C:\Users\agust\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7EFF468D-6640-4A36-89F7-2FA1A81F27B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe (Microsoft Corp) [File not signed]
FirewallRules: [{AF157DBC-DCBC-4024-A2DD-C22605469D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\aomx.exe (Microsoft Corp) [File not signed]
FirewallRules: [{833D5508-BDC4-4E5A-BA60-70D18A954D56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{4ED442ED-DAAF-47FD-BB19-2612996E84BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{272AC17C-FB77-4A47-AF59-5CD9E2B5350C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{D56F9CAA-192E-4292-8E0E-B6CE30CA9436}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{F2BD537C-8D0D-4343-8D84-8ADCA51C9D37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{11E4BC72-D3B7-4EBB-A129-1467F8198A2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2476DC6E-EC7B-4016-9323-0DEB9C995E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC49DD62-2849-4E39-BB25-D278226AA402}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{4D1BA2D7-26E4-49DE-8A54-6D6571E3467A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{67F18210-789F-4709-BF02-7FAC464E4D78}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1AED93DD-708F-44ED-A0EB-92930212EBA0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{36196FA5-C175-4889-B2EE-C6BA1C339C07}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{D5AC7510-F708-4DE6-BF58-12BB718F0240}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{3A97E561-8FFF-4C37-A17E-0DC1733A7F0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99A9C81D-D430-467B-9B90-DF4CEA8B4E4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40AEB971-5CCB-4673-B709-68682D4C7FCB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{990ADFDD-C1CF-4D2F-9025-AD12190CCAB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF354B25-2AA4-42A3-A5C5-B5E4C57562E8}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{12B70BE0-C96A-4EA8-922A-AE24A46CBE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{FC769982-CAC7-4418-8EF5-FBEDA328E7A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{38FA1B03-022A-4013-A85B-D2252ADBC82E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EA294E58-4439-4FA4-8A37-A180DF9100B9}C:\program files (x86)\hearts of iron iv man the guns\hoi4.exe] => (Allow) C:\program files (x86)\hearts of iron iv man the guns\hoi4.exe (Paradox Interactive Ab (Publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{7E9216D8-4211-453C-9785-983F713D5B2C}C:\program files (x86)\hearts of iron iv man the guns\hoi4.exe] => (Allow) C:\program files (x86)\hearts of iron iv man the guns\hoi4.exe (Paradox Interactive Ab (Publ) -> Paradox Interactive)
FirewallRules: [{1F5600DA-ECF6-47F8-9ED4-FE4E7ECE788D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7AC5A2D5-70CB-4C5A-8C84-B1945E7AD355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB409862-74BB-4A21-A1F8-E2FDBA37B4CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{79CBB8EA-D6E9-426C-8211-7361C9FE5408}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [File not signed]
FirewallRules: [{B35B135F-9801-4E6E-AE12-7E3A0230F36A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F178CE18-287F-4F73-AB5D-F106052F8164}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F7CD96B6-A158-4510-94BF-508A85A5B4A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8DB6A84B-19C0-47F3-8363-DD5BEECF1447}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1898AC13-6ED2-499B-9491-3F03D72F41C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7396F49B-75DC-413D-BC6C-E865D6082A85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3FF2C16B-E99B-43E7-980A-3E879DE6718C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C809C78-28EE-408E-AA7B-53A57A4112DA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

13-12-2019 10:30:36 Punto de control programado

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/16/2019 12:06:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8152,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 11:47:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9520,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 11:41:23 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10528,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 11:14:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9468,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 10:55:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 10:52:47 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error al actualizar el estado de  a SECURITY_PRODUCT_STATE_OFF.

Error: (12/16/2019 10:40:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/16/2019 10:31:08 AM) (Source: ESENT) (EventID: 544) (User: )
Description: svchost (4128,D,50) SRUJet: Error al comprobar la página de base de datos leída del archivo "C:\WINDOWS\system32\SRU\SRUDB.dat" en la posición 8192 (0x0000000000002000) (página de base de datos 1 (0x1)) con 4096 (0x00001000) bytes porque, de forma persistente, la marca de tiempo de detección de vaciado perdido no coincide. La operación de lectura se cerrará con el error -1119 (0xfffffba1).

El estado de vaciado en la página de la base de datos 1 (0x1) era 0, mientras que el estado de vaciado en la página de asignaciones de vaciado 0 (0x0) era 1.

Si el problema persiste, restaure la base de datos a partir de una copia de seguridad anterior. Este problema puede estar causado por hardware defectuoso. Póngase en contacto con el proveedor de hardware para obtener ayuda para diagnosticar el problema.


System errors:
=============
Error: (12/16/2019 10:51:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (12/16/2019 10:49:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio GamesAppIntegrationService no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (12/16/2019 10:45:17 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (12/16/2019 10:45:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: 
Se superó el número máximo de secretos que se pueden guardar en un único sistema.

Error: (12/16/2019 10:45:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: 
Se superó el número máximo de secretos que se pueden guardar en un único sistema.

Error: (12/16/2019 10:44:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: 
Se superó el número máximo de secretos que se pueden guardar en un único sistema.

Error: (12/16/2019 10:44:47 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-KA690AR9)
Description: No se puede iniciar un servidor DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Error 
"2147942405"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/16/2019 10:44:47 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-KA690AR9)
Description: No se puede iniciar un servidor DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Error 
"2147942405"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Windows Defender:
===================================
Date: 2019-12-16 12:01:14.601
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.275.981.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor: 
Versión anterior del motor: 1.1.15200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-12-16 12:01:14.601
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.275.981.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor: 
Versión anterior del motor: 1.1.15200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-12-16 12:01:14.600
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.275.981.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor: 
Versión anterior del motor: 1.1.15200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-12-16 12:01:14.588
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.275.981.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor: 
Versión anterior del motor: 1.1.15200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-12-16 12:01:14.587
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.275.981.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor: 
Versión anterior del motor: 1.1.15200.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-12-15 11:36:57.750
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-15 11:36:57.746
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-15 11:34:36.525
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-15 02:39:20.500
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-15 02:39:20.498
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-14 19:40:45.140
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-14 19:40:45.138
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-14 19:40:45.137
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.20 12/13/2016
Motherboard: Acer Ironman_SK
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 8060.22 MB
Available physical RAM: 4211.81 MB
Total Virtual: 17276.22 MB
Available Virtual: 13227.32 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:464.65 GB) (Free:75.68 GB) NTFS

\\?\Volume{22a94acb-e29d-4f5e-b638-213a31f70e42}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{9bcaad01-2d41-4319-b840-91787e035166}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4D8913F9)

Partition: GPT.

==================== End of Addition.txt =======================

Hola

No descargaste y ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no fallará el paso siguiente.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {03C3BE45-86E6-4FB3-A29C-C8A872E5D669} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Tcpip\..\Interfaces\{f6dcf980-31b3-495d-9de1-71b17eefc569}: [DhcpNameServer] 40.30.1.66
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
CHR Extension: (Chrome Media Router) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
FirewallRules: [{7817C635-5C1A-4189-8BAC-6E5B1CABFFB4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{6DE811CB-DF6B-416A-815F-B9DD7EEF4C0C}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{CC49DD62-2849-4E39-BB25-D278226AA402}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{4D1BA2D7-26E4-49DE-8A54-6D6571E3467A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola buenas! Gracias por la respuesta, anduve fuera por un par de días y ahora volví.

Seguí sus instrucciones y al parecer el problema fue arreglado!

Adjunto el log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by agust (22-12-2019 08:50:11) Run:1
Running from C:\Users\agust\Desktop
Loaded Profiles: agust (Available Profiles: agust)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Task: {03C3BE45-86E6-4FB3-A29C-C8A872E5D669} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Tcpip\..\Interfaces\{f6dcf980-31b3-495d-9de1-71b17eefc569}: [DhcpNameServer] 40.30.1.66
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = 
CHR Extension: (Chrome Media Router) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06]
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
FirewallRules: [{7817C635-5C1A-4189-8BAC-6E5B1CABFFB4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{6DE811CB-DF6B-416A-815F-B9DD7EEF4C0C}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2019\Adobe Premiere Pro.exe No File
FirewallRules: [{CC49DD62-2849-4E39-BB25-D278226AA402}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{4D1BA2D7-26E4-49DE-8A54-6D6571E3467A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03C3BE45-86E6-4FB3-A29C-C8A872E5D669}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03C3BE45-86E6-4FB3-A29C-C8A872E5D669}" => removed successfully
C:\WINDOWS\System32\Tasks\DashlaneUpgradeCheck => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DashlaneUpgradeCheck" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f6dcf980-31b3-495d-9de1-71b17eefc569}\\DhcpNameServer" => removed successfully
"HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} => removed successfully
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> DefaultScope {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): No automatic fix found for this entry.
SearchScopes: HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12162019104745796 -> {0CFDB2FE-DFC2-48BD-AB86-362191AEDC19} URL = => Error ({ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}): No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\agust\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-06] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\QALSvc => removed successfully
QALSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\QASvc => removed successfully
QASvc => service removed successfully
HKLM\System\CurrentControlSet\Services\UEIPSvc => removed successfully
UEIPSvc => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ ACloudSynced => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7817C635-5C1A-4189-8BAC-6E5B1CABFFB4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DE811CB-DF6B-416A-815F-B9DD7EEF4C0C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC49DD62-2849-4E39-BB25-D278226AA402}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D1BA2D7-26E4-49DE-8A54-6D6571E3467A}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12222019084914793\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12222019084914793\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3291108247-1040878164-2135273197-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12222019084915059\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3291108247-1040878164-2135273197-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12222019084915059\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30614357 B
Java, Flash, Steam htmlcache => 373867259 B
Windows/system/drivers => 4723992 B
Edge => 26558 B
Chrome => 176033015 B
Firefox => 4846811 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 25466 B
NetworkService => 34778 B
agust => 132312121 B

RecycleBin => 0 B
EmptyTemp: => 699 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:54:21 ====

Saludos

Hola @aoses

No te preocupes por la demora, no hay problema

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Un saludo