Limpieza de PC (No puedo abrir MBAM + al buscar en navegador me redirecciona a "consent.yahoo.com...")

Queridos compañeros de InfoSpyware,

Tengo un PC portátil con las siguientes características: intel Core i3-2328M CpU 2’2GHz, con 8 Gb de RAM. Sistema Operativo W10.

Creo que estoy infectado puesto que tengo los siguientes problemas:

1.- No puedo iniciar MBAM (me sale el mensaje “unable to connect the service”). De hecho, al desinstalarlo, después de reiniciar me ha salido el mensaje “[Uninstall] Could not stop service – continuing [Error: 5]”. He decidido desinstalarlo y luego instalarlo porque a veces tenía problemas a la hora de ejecutarlo (no lo hacía) y porque era el paso que se daba en la “Guía de Eliminación de Malware 2.019”, pensé que lo correcto era instalarlo de 0, siguiendo estrictamente esos pasos. Desgraciadamente ya he visto que no era correcto hacerlo así, en el mismo post que describe mi mismo problema:

2.- Tal y como se explica en el post que describe también mi otro problema, al buscar en la barra de navegador cualquier cosa me redirecciona al “buscador” de yahoo (https//consent.yahoo.com/collectConsent?..).

3. Ayer, al conectar un disco duro externo, decir también que de algunos sitios no se veían los iconos de carpeta o de imagen, sólo el título. Al extraerlo, luego se veían otra vez. Hay que decir también que tengo las 2 particiones del disco duro con sólo 20Gb o menos de espacio libre… Por otra parte… ésta es otra cuestión y no sé si tendría que abrir otro tema. Porque tengo los discos duros vacunados de la otra vez, pero me gustaría saber cómo se pueden desinfectar (si lo hacemos en otro post o durante el presente). Puesto que si el disco duro externo está infectado, después de haber limpiado el pc, si lo vuelvo a conectar se podría volver a infectar, ¿correcto?.

El análisis del Avast no me da ningún positivo. Cuando hace unos días pasé el MBAM sólo me daba como resultado el programa potencialmente no deseado “atube”. No he querido hacer nada más por mi cuenta, porque sé que me podéis ayudar vosotros y no quiero empeorar las cosas :open_mouth:

Espero que me podáis ayudar, por favor.

Antes de empezar me gustaría aclarar que si estando en mitad de vuestros pasos puedo instalar las actualizaciones que windows me proponga. También me gustaría saber si puedo (por motivos estrictamente laborales) imprimir pdfs de páginas de internet (de total confianza) y descargar también archivos de mails o de páginas web de confianza. Creo que es mejor dejarlo claro al principio que no ir preguntando de medias y entorpeciendo el proceso de limpieza.

Espero paciente vuestra respuesta y vuestras instrucciones :slight_smile:

Muchas gracias.

Un saludo,

alonsotaku

Realiza en orden y me pegas los logs

1-

2- * Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


1 me gusta

Muchas gracias por responder tan rápido Miguel.

Log de ESET Online:

07:22:03 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
07:23:59 Updating
07:23:59 Update Init
07:24:10 Update Download
07:24:22 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner_ESL.exe=3.0.17.0
# EOSSerial=388464dd3285784c90eff394dea7d67c
# engine=0
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=false
# sfx_checked=false
# utc_time=2019-04-15 05:24:21
# local_time=2019-04-15 07:24:21 (+0100, Hora de verano romance)
# country="Spain"
# lang=13322
# osver=10.0.17134 NT 
# compatibility_mode_1='Avast Antivirus'
# compatibility_mode=815 16777213 83 97 1908 8667656 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 67802 31816223 0 0
# scanned=0
# found=0
# cleaned=0
# scan_time=0
# stats_enabled=7
# scan_type=-1945799852
07:24:22 Call m_esets_charon_send
07:24:22 Call m_esets_charon_destroy
07:24:22 Call m_esets_charon_send
07:24:22 Call m_esets_charon_destroy
07:24:32 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
07:26:46 Updating
07:26:46 Update Init
07:26:57 Update Download
07:28:25 esets_scanner_reload returned 0
07:28:25 g_uiModuleBuild: 41053
07:28:25 Update Finalize
07:28:25 Call m_esets_charon_send
07:28:25 Call m_esets_charon_destroy
07:28:25 Updated modules version: 41053
07:28:37 Call m_esets_charon_setup_create
07:28:37 Call m_esets_charon_create
07:28:37 m_esets_charon_create OK
07:28:37 Call m_esets_charon_start_send_thread
07:28:37 Call m_esets_charon_setup_set
07:28:37 m_esets_charon_setup_set OK
07:28:37 Scanner engine: 41053
11:02:04 # product=EOS
# version=8
# flags=0
# av=0
# fw=7
# admin=1
# ESETOnlineScanner_ESL.exe=3.0.17.0
# EOSSerial=388464dd3285784c90eff394dea7d67c
# engine=41053
# end=finished
# bannerClicked=0
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# sfx_checked=true
# utc_time=2019-04-15 09:02:04
# local_time=2019-04-15 11:02:04 (+0100, Hora de verano romance)
# country="Spain"
# lang=13322
# osver=10.0.17134 NT 
# compatibility_mode_1='Avast Antivirus'
# compatibility_mode=815 16777213 83 97 14971 8680719 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 80865 31829286 0 0
# scanned=406436
# found=2
# cleaned=2
# scan_time=12562
# stats_enabled=0
# scan_type=3
sh=A5738DB92C688AE966ED3C93F43F83A761991AC0 ft=0 fh=0000000001df7000 vn="una variante de Win32/UwS.SlimDrivers.A aplicación (eliminado)" ac=C fn="C:\Users\Public\Documents\Downloaded Installers\{8804140C-3144-4075-9526-1C662E26CA17}\setup.msi"
sh=2EFAE88E4298861B32A63E5CD191BF5160D3398E ft=1 fh=0000000001445040 vn="Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura (desinfectado por eliminación)" ac=C fn="C:\Windows\Temp\avast_ash2\CCleaner\ccsetup556.exe"
11:02:05 Call m_esets_charon_send
11:02:05 Call m_esets_charon_destroy
11:02:06 Call m_esets_charon_send
11:02:06 Call m_esets_charon_destroy

log FRST.txt (hasta “One month (modified)” -sin incluir-)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Usuari (administrator) on ACER (15-04-2019 11:10:15)
Running from C:\Users\Usuari\Desktop
Loaded Profiles: Usuari (Available Profiles: Usuari)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corp.) [File not signed] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\Run: [Chromium] => c:\users\usuari\appdata\local\chromium\application\chrome.exe [4195328 2017-10-07] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\Run: [AvastBrowserAutoLaunch_9E2A2749ED8EA7F7B927726AABE5492C] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1955440 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\Mozilla Firefox\firefox.exe [524752 2019-04-11] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\Policies\Explorer: [] 
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-09] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1258.86\Installer\chrmstp.exe [2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2016-01-28]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation -> NTI Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{0671edf0-afeb-4d7c-aae2-e638eb2530f4}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{972498dc-fbbe-4363-9af5-f778e1e80684}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://hotmail.com/
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc -> Google Inc.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation -> Symantec Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-28] (McAfee, Inc. -> McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc -> Google Inc.)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation -> Symantec Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-28] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation -> Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kd8b2uxu.default
FF ProfilePath: C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\kd8b2uxu.default [2019-04-15]
FF Homepage: Mozilla\Firefox\Profiles\kd8b2uxu.default -> hxxps://areaclientes.orange.es/deeplink.html|hxxps://outlook.live.com/owa/?path=/mail/inbox/rp
FF Extension: (MEGA) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\kd8b2uxu.default\Extensions\[email protected] [2019-04-11] [UpdateUrl:hxxps://eu.static.mega.co.nz/3/firefox-web-extension-updates.json]
FF Extension: (uBlock Origin) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\kd8b2uxu.default\Extensions\[email protected] [2019-03-13]
FF Extension: (Avast Online Security) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\kd8b2uxu.default\Extensions\[email protected] [2019-04-14]
FF SearchPlugin: C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\kd8b2uxu.default\searchplugins\google-avast.xml [2015-01-25]
FF ProfilePath: C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\6mgtn3eu.dev-edition-default [2019-04-14]
FF Extension: (Avast SafePrice) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\6mgtn3eu.dev-edition-default\Extensions\[email protected] [2017-07-03] [UpdateUrl:hxxps://firefoxextension.avast.com/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles\6mgtn3eu.dev-edition-default\Extensions\[email protected] [2018-06-21]
FF Extension: (Avast Online Security) - C:\Users\Usuari\AppData\Roaming\Mozilla\Firefox\Profiles/6mgtn3eu.dev-edition-default\extensions\[email protected] [2018-06-21]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn
FF Extension: (Norton Identity Safe Toolbar) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.8.23\coFFPlgn [2019-04-14] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2013-09-23] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH -> pdfforge GmbH)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.es/
CHR StartupUrls: Default -> "hxxps://www.google.es/"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?fr=mcafee&type=E210ES91082G91207&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default [2019-04-14]
CHR Extension: (Documentos) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-25]
CHR Extension: (Google Drive) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-26]
CHR Extension: (YouTube) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-26]
CHR Extension: (Búsqueda de Google) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-17]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-02-23]
CHR Extension: (Screen Shader | Smart Screen Tinting) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlboobidmkelggdainpknloccojpppi [2019-04-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-25]
CHR Extension: (AdBlock) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-12]
CHR Extension: (Avast Online Security) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-19]
CHR Extension: (G.lux) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\hinolicfmhnjadpggledmhnffommefaf [2017-05-03]
CHR Extension: (Norton Identity Safe) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-04-20]
CHR Extension: (The Top Inbox for Gmail) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhapcklhkanndjbdnhichfmolhiaekg [2017-06-18]
CHR Extension: (WhatFont) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-05-04]
CHR Extension: (Skype) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-25]
CHR Extension: (Go Incognito (Beta)) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\oimfnddepdafdfmammggkfmdepfmipai [2017-05-03]
CHR Extension: (Gmail) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated -> Acer Incorporated)
R2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation -> Symantec Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated -> Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-19] (WildTangent Inc -> WildTangent)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-28] (McAfee, Inc. -> McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc. -> McAfee, Inc.)
S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation -> Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation -> Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation -> NTI Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH -> pdfforge GmbH)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-01-05] (Dritek System Inc. -> Dritek System INC.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-09-06] (SolidWorks) [File not signed]
R2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation -> Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\system32\DRIVERS\lgandnetndis64.sys [93696 2014-05-27] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380160 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R3 b57xdbd; C:\WINDOWS\System32\drivers\b57xdbd.sys [72280 2012-08-13] (Broadcom Corporation -> Broadcom Corporation)
R3 b57xdmp; C:\WINDOWS\System32\drivers\b57xdmp.sys [21080 2012-08-13] (Broadcom Corporation -> Broadcom Corporation)
R3 bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [55384 2012-06-18] (Broadcom Corporation -> Broadcom Corporation)
R3 bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [70744 2012-08-14] (Broadcom Corporation -> Broadcom Corporation)
R1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-05] (Dritek System Inc. -> Dritek System Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11616 2000-09-29] () [File not signed]
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-04-14] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 SymDSMon; C:\WINDOWS\system32\drivers\SymDSMon.sys [191232 2010-11-30] (Symantec Corporation -> Symantec Corporation)
S3 SYMSpeedDisk; C:\WINDOWS\system32\drivers\SymSpeedDisk.sys [163384 2010-11-30] (Symantec Corporation -> Symantec Corporation)
S3 SYMSpeedDisk; C:\WINDOWS\SysWOW64\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation -> Symantec Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-15 11:10 - 2019-04-15 11:12 - 000033858 _____ C:\Users\Usuari\Desktop\FRST.txt
2019-04-15 11:09 - 2019-04-15 11:10 - 000000000 ____D C:\FRST
2019-04-15 11:06 - 2019-04-15 11:06 - 000000000 ____D C:\Users\Usuari\Desktop\otros
2019-04-15 11:04 - 2019-04-15 11:04 - 000003174 _____ C:\Users\Usuari\Desktop\ESET-log.txt
2019-04-14 22:45 - 2019-04-14 22:45 - 000050120 _____ C:\Users\Usuari\Desktop\Limpieza de PC -FSpware (14-4-19).pdf
2019-04-14 22:44 - 2019-04-14 22:44 - 002434048 _____ (Farbar) C:\Users\Usuari\Desktop\FRST64.exe
2019-04-14 22:43 - 2019-04-14 22:43 - 001381133 _____ C:\Users\Usuari\Desktop\Manual de Eset Online Scanner.pdf
2019-04-14 22:41 - 2019-04-14 22:41 - 007666296 _____ (ESET spol. s r.o.) C:\Users\Usuari\Desktop\ESETOnlineScanner_ESL.exe
2019-04-14 18:47 - 2019-04-14 19:19 - 000022107 _____ C:\Users\Usuari\Desktop\1.odt
2019-04-14 16:35 - 2019-04-14 16:35 - 000009935 _____ C:\Users\Usuari\Desktop\Consent.yahoo.odt
2019-04-14 13:58 - 2019-04-14 13:58 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2019-04-14 13:11 - 2019-04-14 13:10 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-14 13:08 - 2019-04-14 13:08 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-14 13:08 - 2019-04-14 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-14 13:08 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-14 12:42 - 2019-04-14 12:42 - 000000000 ____D C:\ProgramData\MB3Migration
2019-04-14 12:42 - 2019-04-14 12:42 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2019-04-14 12:36 - 2019-04-14 15:02 - 000002474 _____ C:\Users\Usuari\Desktop\Rkill.txt
2019-04-14 12:35 - 2019-04-14 12:35 - 062776680 _____ (Malwarebytes ) C:\Users\Usuari\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10140.exe
2019-04-14 12:34 - 2019-04-14 12:34 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Usuari\Desktop\iExplore.exe
2019-04-13 21:58 - 2019-04-13 21:59 - 000013208 _____ C:\Users\Usuari\Desktop\cc_20190413_215856.reg
2019-04-13 21:57 - 2019-04-13 21:57 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-12 21:49 - 2019-04-14 13:14 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-12 12:10 - 2019-04-12 12:10 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-04-12 12:10 - 2019-04-12 12:10 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-04-11 11:46 - 2019-04-14 11:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-10 15:35 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 15:35 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 15:34 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 15:34 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 15:34 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 15:34 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 15:34 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 15:34 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 15:34 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 15:34 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 15:34 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 15:34 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 15:34 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 15:34 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 15:34 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 15:34 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 15:34 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 15:34 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 15:34 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 15:34 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 15:34 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 15:34 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 15:34 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 15:34 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 15:34 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 15:34 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 15:34 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 15:34 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 15:34 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 15:34 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 15:34 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 15:34 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 15:34 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 15:34 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 15:34 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 15:34 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 15:34 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 15:34 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 15:34 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 15:34 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 15:34 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 15:34 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 15:34 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 15:34 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 15:34 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 15:34 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 15:34 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 15:34 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 15:34 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 15:34 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 15:34 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 15:34 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 15:34 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 15:34 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 15:34 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 15:34 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 15:34 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 15:34 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 15:34 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 15:34 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 15:34 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 15:34 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 15:34 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 15:34 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 15:34 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 15:34 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 15:34 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 15:34 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 15:34 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 15:34 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 15:34 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 15:34 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 15:34 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 15:34 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 15:34 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 15:34 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 15:34 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 15:34 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 15:34 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 15:34 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 15:34 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 15:34 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 15:34 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 15:34 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 15:34 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 15:34 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 15:34 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 15:34 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 15:34 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 15:34 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 15:34 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 15:34 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 15:34 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 15:34 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 15:34 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 15:34 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 15:34 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 15:34 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 15:34 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 15:34 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 15:34 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 15:34 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 15:34 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 15:34 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 15:34 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 15:34 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:34 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 15:34 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 15:34 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 15:34 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 15:34 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 15:34 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 15:34 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 15:34 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 15:34 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 15:34 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 15:34 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 15:34 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 15:34 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 15:34 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 15:34 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 15:34 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 15:34 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:34 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 15:34 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 15:34 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 15:34 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 15:34 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 15:34 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 15:34 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 15:34 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 15:33 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 15:33 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 15:33 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 15:33 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 15:33 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 15:33 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 15:33 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 15:33 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 15:33 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 15:33 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 15:33 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 15:33 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 15:33 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 15:33 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 15:33 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 15:33 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 15:33 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 15:33 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 15:33 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 15:33 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 15:33 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 15:33 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 15:33 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 15:33 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 15:33 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 15:33 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 15:33 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 15:33 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 15:33 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 15:33 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 15:33 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 15:33 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 15:33 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 15:33 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 15:33 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 15:33 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 15:33 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 15:33 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 15:33 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 15:33 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 15:33 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 15:33 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 15:33 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 15:33 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 15:33 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 15:33 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 15:33 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 15:33 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 15:33 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 15:33 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 15:33 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 15:33 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 15:33 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 15:33 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 15:33 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 15:33 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 15:33 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 15:33 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 15:33 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 15:33 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 15:33 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 15:33 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 15:33 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 15:33 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-06 22:33 - 2019-04-06 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-06 22:17 - 2019-04-06 22:17 - 001626598 _____ C:\Users\Usuari\Desktop\programasantacreu2019mail.pdf
2019-04-03 22:59 - 2019-04-03 22:59 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-04-03 15:24 - 2019-04-03 15:24 - 017927680 _____ C:\Users\Usuari\Downloads\epson374212eu.exe
2019-04-01 22:13 - 2019-04-01 22:13 - 000000000 ____D C:\Users\Usuari\Downloads\MCOM
2019-03-31 20:02 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ID4BHJE.DLL
2019-03-31 20:02 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2019-03-17 13:44 - 2000-09-29 14:34 - 000011616 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2019-03-17 13:43 - 2019-03-17 13:43 - 000000000 ____D C:\Program Files (x86)\EACOM

log FRST.txt (A partir de “One month (modified)” hasta el final)

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-15 11:05 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-15 10:17 - 2016-11-19 02:19 - 000000000 ____D C:\Users\Usuari\AppData\LocalLow\Mozilla
2019-04-15 09:36 - 2018-06-09 14:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-15 07:01 - 2019-01-22 18:12 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-15 07:01 - 2019-01-22 18:12 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-15 07:01 - 2018-06-09 14:45 - 000003486 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-15 07:01 - 2018-06-09 14:45 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-04-15 07:01 - 2018-06-09 14:45 - 000003296 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1373375059
2019-04-15 07:01 - 2018-06-09 14:45 - 000003262 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-15 07:01 - 2018-06-09 14:45 - 000002424 _____ C:\WINDOWS\System32\Tasks\NUSchedule
2019-04-15 07:01 - 2018-06-09 14:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-15 06:55 - 2018-02-10 20:02 - 000000000 ____D C:\Users\Usuari\AppData\Local\AVAST Software
2019-04-14 19:11 - 2012-11-23 07:58 - 000000000 ____D C:\ProgramData\Temp
2019-04-14 15:04 - 2016-01-28 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2019-04-14 13:57 - 2018-02-10 20:01 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-04-14 13:21 - 2018-06-09 14:30 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-14 13:21 - 2018-04-12 18:18 - 000775264 _____ C:\WINDOWS\system32\perfh00A.dat
2019-04-14 13:21 - 2018-04-12 18:18 - 000154638 _____ C:\WINDOWS\system32\perfc00A.dat
2019-04-14 13:21 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-14 13:21 - 2017-06-30 23:01 - 000001223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-04-14 13:21 - 2013-07-09 15:04 - 000000000 ____D C:\Program Files (x86)\Opera
2019-04-14 13:20 - 2018-06-09 14:45 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 13:20 - 2018-06-09 14:45 - 000004396 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-14 13:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-14 13:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-14 13:14 - 2018-06-09 14:45 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-14 13:14 - 2018-06-09 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-14 13:14 - 2018-02-17 19:05 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-14 13:13 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-04-14 13:11 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-14 13:11 - 2018-02-17 19:05 - 000380160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-14 13:10 - 2019-02-13 13:18 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-14 13:10 - 2019-01-14 19:34 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-14 13:10 - 2019-01-04 23:44 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-14 13:10 - 2019-01-04 23:44 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-14 13:10 - 2019-01-04 23:44 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-14 13:10 - 2019-01-04 23:44 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-14 13:10 - 2018-10-10 16:02 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 000476768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.155524047428107
2019-04-14 13:10 - 2018-02-17 19:05 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-14 13:10 - 2018-02-17 19:05 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-14 13:08 - 2016-01-28 21:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-14 12:30 - 2019-03-01 17:46 - 000000000 ____D C:\Users\Usuari\Desktop\xa Lusi
2019-04-14 11:47 - 2018-06-09 14:07 - 000552776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 11:46 - 2013-06-20 05:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-14 11:43 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-14 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-14 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-13 22:01 - 2013-06-22 22:41 - 000000000 ____D C:\Users\Usuari\AppData\Local\CrashDumps
2019-04-13 21:54 - 2018-02-17 20:49 - 000000000 ___HD C:\Users\Usuari\MicrosoftEdgeBackups
2019-04-13 20:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-13 16:04 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-12 12:10 - 2018-04-11 21:48 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-04-11 23:44 - 2016-09-25 22:50 - 000000000 ____D C:\Users\Usuari\AppData\Roaming\vlc
2019-04-11 15:23 - 2017-08-17 13:03 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-10 15:43 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 15:32 - 2013-07-09 22:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 15:20 - 2013-06-18 00:27 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-10 14:16 - 2015-11-27 23:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-04-09 11:57 - 2013-07-09 14:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-08 20:09 - 2018-06-09 14:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-07 23:26 - 2017-12-06 19:35 - 000000000 ____D C:\Users\Usuari\Desktop\Pmas InfoSpyware
2019-04-07 12:52 - 2018-02-17 20:10 - 000000000 ____D C:\Users\Usuari\AppData\Local\Packages
2019-04-06 22:34 - 2015-08-01 14:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-06 21:52 - 2018-01-12 22:59 - 000000000 ____D C:\Program Files\rempl
2019-04-05 12:29 - 2015-06-23 22:06 - 000006144 _____ C:\Users\Usuari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-04-03 15:37 - 2015-06-19 15:28 - 000000000 ____D C:\Users\Usuari\Desktop\EPSON Accesos directos
2019-04-02 19:45 - 2018-12-05 14:12 - 002468770 _____ C:\Users\Usuari\Desktop\CV-hor-Infoempleo.pdf
2019-04-01 19:51 - 2018-07-29 19:14 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-29 19:14 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-31 20:02 - 2014-06-23 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2019-03-31 19:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\System
2019-03-31 19:10 - 2014-06-23 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2019-03-28 20:07 - 2015-10-01 19:04 - 000003072 _____ C:\WINDOWS\SysWOW64\Cache.db
2019-03-19 13:07 - 2013-09-12 13:08 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-03-19 13:03 - 2018-04-11 23:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-03-19 13:03 - 2014-08-05 16:20 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-03-18 13:34 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-18 13:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-18 13:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-18 13:34 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-18 13:34 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-17 22:44 - 2012-11-23 07:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-03-12 17:48 - 2015-04-13 11:32 - 000000131 _____ () C:\Users\Usuari\AppData\Roaming\WB.CFG
2015-06-23 22:06 - 2019-04-05 12:29 - 000006144 _____ () C:\Users\Usuari\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-14 11:12 - 2015-03-14 11:12 - 000274045 _____ () C:\Users\Usuari\AppData\Local\dsi1.dat
2015-03-14 11:12 - 2015-03-14 11:12 - 000161916 _____ () C:\Users\Usuari\AppData\Local\dsi2.dat
2015-02-05 18:51 - 2015-05-21 18:47 - 000000000 _____ () C:\Users\Usuari\AppData\Local\Temptable.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-09 14:07

==================== End of FRST.txt ============================

Log Addition.txt (hasta “Windows Defender” -sin incluir-)

 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Usuari (15-04-2019 11:13:25)
Running from C:\Users\Usuari\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-06-09 12:46:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4013694229-2267403032-1317833026-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4013694229-2267403032-1317833026-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4013694229-2267403032-1317833026-1005 - Limited - Enabled)
Invitado (S-1-5-21-4013694229-2267403032-1317833026-501 - Limited - Disabled)
Usuari (S-1-5-21-4013694229-2267403032-1317833026-1001 - Administrator - Enabled) => C:\Users\Usuari
WDAGUtilityAccount (S-1-5-21-4013694229-2267403032-1317833026-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-f7e745fa-95d4-4367-890f-2e5f42524eec) (Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (HKLM-x32\...\WTA-e1d7d396-c30c-4701-8412-ce2b8a8f4b22) (Version: 2.2.0.98 - WildTangent) Hidden
Aplicaciones destacadas de Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Argente - Registry Cleaner 3.1.1.0 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 3.1.1.0 - Raúl Argente)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AutoCAD 2016 - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - Español (Spanish) (HKLM\...\AutoCAD 2016 - Español (Spanish)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1258.86 - Los creadores de Avast Secure Browser)
Backup Manager v4 (HKLM-x32\...\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-6e31e3ff-eccd-40bd-a18f-dc01a9be57d0) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
CALENER-GT (HKLM-x32\...\CALENER-GT) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (HKLM-x32\...\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}) (Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (HKLM-x32\...\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}) (Version: 2.1.2112 - CyberLink Corp.) Hidden
CTEHE2013 v1.0.1564.1124 (HKLM-x32\...\{6DDD4631-E97B-4F81-A3F1-9B4B6786851F}_is1) (Version:  - AICIA-GrupoTERMOTECNIA)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
DatosClimaticosGenericos 1.1 (HKLM-x32\...\{80DDE880-81D5-4777-B7AA-6E65AAFC7B92}_is1) (Version:  - AICIA-Grupo de Termotecnia)
Delicious: Emily's True Love Premium Edition (HKLM-x32\...\WTA-3af1e867-e55f-467c-afd9-29f0d83273c8) (Version: 2.2.0.98 - WildTangent) Hidden
Desinstalar impresora EPSON SX130 Series (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EA.com Matchup (HKLM-x32\...\{2F173C40-563E-11D4-89C5-0010ADDAAC33}) (Version:  - )
EA.com Update (HKLM-x32\...\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}) (Version:  - )
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Firefox Developer Edition 49.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 49.0a2 (x86 en-US)) (Version: 49.0a2 - Mozilla)
GanttProject (HKLM-x32\...\GanttProject) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-de19be08-1e55-4972-87c7-3f1ebb405bdc) (Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Importación de SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
IRISCompressor (HKLM\...\{D0F62DAC-D210-40E3-B2BC-C19198919713}) (Version: 1.03.0000 - I.R.I.S.)
Island Tribe (HKLM-x32\...\WTA-cba594b1-7e3e-4658-a997-26b5b6ec4821) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (HKLM-x32\...\WTA-a3097cda-d997-4568-83ae-688898e1a2cf) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-a6e530ed-3be8-4c6b-88ae-0e0d747ebc59) (Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.20.20141013 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Magic Academy (HKLM-x32\...\WTA-f3f9b295-5709-4d4b-8f9e-401162f32e34) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manual de usuario EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.34 - McAfee, Inc.)
Microsoft Access database engine 2010 (Spanish) (HKLM\...\{90140000-00D1-0C0A-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 15.0.5119.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.3 (x64 es-ES)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (HKLM-x32\...\NARA) (Version: 4.1.0.14 - Symantec Corporation) Hidden
Norton Utilities 15 (HKLM-x32\...\Norton Utilities 15_is1) (Version: 15.0 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5119.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5119.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0C0A-0000-0000000FF1CE}) (Version: 15.0.5119.1000 - Microsoft Corporation) Hidden
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice 4.1.2 (HKLM-x32\...\{74BBCD30-EB17-4909-B59F-65E0DD2B7E95}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 21.0.1432.57 (HKLM-x32\...\Opera 21.0.1432.57) (Version: 21.0.1432.57 - Opera Software ASA)
Opera Stable 60.0.3255.27 (HKLM-x32\...\Opera 60.0.3255.27) (Version: 60.0.3255.27 - Opera Software)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Convert Module (HKLM-x32\...\{53434783-F9A7-4D64-B91A-05A3BF925D70}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM-x32\...\{3D0D9604-0173-488D-9694-2638C44D7579}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Edit Module (HKLM-x32\...\{8B0A956F-9BE6-495B-AF80-7B5B42061D79}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Forms Module (HKLM-x32\...\{4CB8D214-0400-45FA-B084-AAB0C74AD032}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Insert Module (HKLM-x32\...\{DD7BB68A-7D8A-4F62-806A-3424C2A170E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 OCR Module (HKLM-x32\...\{952E5B8F-82C2-46D1-B642-37B2635CE440}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Review Module (HKLM-x32\...\{664D6EE3-9A35-4284-B9D2-80A509DF9295}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 Secure Module (HKLM-x32\...\{99E0C0D4-6746-44EE-A132-5E7E3D6FAAFB}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b1c3c22b-a2bc-4175-980d-c3d0f677c59e) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-048276f8-b132-4b76-aa24-2fd9ef5d01bb) (Version: 2.2.0.97 - WildTangent) Hidden
PostCALENER (HKLM-x32\...\PostCALENER) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Scanner Mouse (HKLM-x32\...\{39734AC5-FF9D-40A3-A1F8-E37653D39DF7}) (Version: 2.1.2 - Dacuda)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SolidWorks 2014 x64 Edition SP03 (HKLM\...\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}) (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks 2014 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20140-40300-1100-100) (Version: 22.3.0.56 - SolidWorks Corporation)
SolidWorks 2014 x64 Spanish Resources (HKLM\...\{E548E17E-189D-4E04-B5F1-17749F86EA0C}) (Version: 22.130.56 - SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP03 (HKLM\...\{63BFDA11-6475-45E3-93E9-7D2AA28AECD5}) (Version: 14.3.107 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP03 x64 Edition (HKLM\...\{0C10FAF1-35D5-416A-B7C1-4168ED9485FA}) (Version: 22.30.56 - SolidWorks Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
Tales of Lagoona (HKLM-x32\...\WTA-2b260d6c-fdb8-406b-bcd2-94f917119a3a) (Version: 2.2.0.110 - WildTangent) Hidden
TomTom MyDrive Connect 4.2.3.3625 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.3.3625 - TomTom)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.10.17 - WildTangent) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinX DVD Ripper Platinum 7.5.17 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
Zuma's Revenge (HKLM-x32\...\WTA-8a863a64-d1df-42fc-bf76-fd648716d296) (Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4013694229-2267403032-1317833026-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Usuari\Dropbox [2015-08-01 15:06]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Golem] -> {A4F1E2E4-9708-452B-9804-FD87EF236CF4} => C:\Program Files (x86)\I.R.I.S\IRISCompressor\Golem.dll [2012-12-04] (IMAGE RECOGNITION INTEGRATED SYSTEMS SA -> I.R.I.S. S.A.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2012-07-12] (EGIS TECHNOLOGY INC. -> Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {054E8489-82A5-4140-940E-D20B7C19DA2F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe)
Task: {11FBB78E-9340-4E53-A92F-AAB06E1B9AE7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1D76DDBF-E83F-4C2F-85D1-B33056A24581} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {214FE432-9C57-4BFE-9B32-9131CA66F82F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink -> CyberLink)
Task: {2AA2C74B-665E-4B09-B29D-84FE0651124D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2C9C6034-D9D2-4955-9384-5C6A337A4204} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {35BDDC57-BB3D-42E9-8069-49623FE711AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3FD4EF8F-A919-465E-B945-DD12B39A7EB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4379264D-F433-46DD-A857-020CCC076024} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
Task: {4F2585B0-E16F-4933-A90B-7D2FE0187C8C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {51491BC5-C4E9-43EC-A96B-DFD222F6FB40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {55842BC5-0F6E-42A9-AA3E-BEA0249E25FC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {59E8D82B-7A9B-4E3A-9459-0B56A749CFDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {6179999A-34F6-4F21-A028-C776904EB9AE} - System32\Tasks\Opera scheduled Autoupdate 1373375059 => c:\program files (x86)\opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {670CE6C6-A3C4-4BC5-A0B2-934F56D56F3B} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe (Acer Incorporated -> )
Task: {6A3BCCF4-30A6-4BC1-A02B-1B3B11AE5C18} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe (Acer Incorporated -> )
Task: {76E48CEA-94F9-4DCD-9C3D-D6C638482A41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7E042EF2-E766-468A-BC06-FAF17A18295A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {81A6856C-8704-427C-BED5-940B701D8917} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {81D20AEE-CB2B-4C7A-A811-7BA43BA28B60} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {8B6E1360-8A8B-4DD9-8C65-3CED1451A417} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Norton Utilities 15\nu.exe (Symantec Corporation -> Symantec Corporation)
Task: {8E303AE2-2F80-4DB9-A2C7-91779F9863B4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {902ECF10-3A40-4B43-8FCE-5B69921A9BC3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {A0414334-2C61-4DFA-85E5-E8A6698AC13E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated -> Acer Incorporated)
Task: {ACAE8162-586E-4E13-AAF4-9C7F6BDB7033} - System32\Tasks\avastBCLRestartS-1-5-21-4013694229-2267403032-1317833026-1001 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
Task: {AF0B7F09-029C-40BA-89E9-EB3B56018958} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {B55483A4-F193-48AB-A58F-46FCA7595A8B} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {BDE48BB0-A256-45E8-9E4C-03473CB66540} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {BE7B8DB5-98BE-4A34-AB19-08DF84702960} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BFABAEB7-DAA7-45E2-99A1-8F02B84D7326} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {C8743E25-95A2-43A4-ABA5-4307C2F13ABD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {CBB72888-F280-42B3-BC83-754051961587} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DB2C4671-014D-42EF-B6E9-6A28051FA648} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {DC984FF8-5898-46A9-914A-53034D5D8132} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {E68DE6BF-A61B-40BA-9006-BC6326D1B81D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
Task: {F436638F-F558-4742-A416-F019DB8EF559} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {F7A3BC15-D5FC-4281-928B-D86CE519ED07} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {FF55AA0C-66A1-4820-89FB-2CFA1F331984} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuari\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

==================== Loaded Modules (Whitelisted) ==============

2012-08-20 17:36 - 2012-08-20 17:36 - 000176640 _____ (Broadcom Corp.) [File not signed] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
2012-08-15 12:38 - 2012-08-15 12:38 - 001842344 _____ (Symantec Corporation -> SwapDrive, Inc.) [File not signed] C:\Program Files (x86)\Symantec\Norton Online Backup\BuEng.dll
2015-10-21 15:50 - 2015-10-21 15:50 - 000518144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D287FACF [102]
AlternateDataStreams: C:\ProgramData\Temp:D3A96964 [370]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-01-04 12:09 - 000000030 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\Control Panel\Desktop\\Wallpaper -> c:\users\usuari\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\acer01.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Inicio rápido de SolidWorks 2014.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Programa de descargas en segundo plano de SolidWorks.lnk"
HKLM\...\StartupApproved\Run32: => "Dropbox"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{14C0EB86-7C1E-4AA9-9EAE-7F08A782186B}] => (Allow) LPort=50248
FirewallRules: [{5985192C-8064-43C3-9AB3-558AEE112DFC}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69A4C0B4-92A6-47FC-A627-642A41B596BE}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1432A95-67B4-4F5F-8C4C-CDF8AF58B24A}] => (Block) C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EC2180BB-A78B-49E8-93FA-E45D806B4B0F}] => (Block) C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5F63BAC1-2E74-4D24-A194-33E6E198FB21}C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{8CA564D4-957A-4D37-AA6E-C963B0729CB0}C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\usuari\appdata\roaming\utorrent\updates\3.4.3_40298.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{84B5E92E-0CDE-495D-9F59-84D21D4878C5}] => (Allow) C:\Users\Usuari\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8F0E6C22-C0FD-4C49-9241-9367B035F4F4}] => (Allow) C:\Users\Usuari\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{49CB8B27-D18C-43E3-9B0B-CB276A0C70B1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe (Luxology -> )
FirewallRules: [{77397890-C6F1-455F-8465-403706882301}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe (Luxology -> )
FirewallRules: [{79B69E02-51D4-4D97-AC8F-FE4B7B3E1D98}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe (Luxology -> )
FirewallRules: [{B24050D3-5920-4D88-9E32-B8F58B1575D4}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe (Luxology -> )
FirewallRules: [{18BDE839-389F-42D4-9B3C-4227CEC78431}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
FirewallRules: [{DED80D3E-8871-44FE-870F-30A5BAC405EB}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
FirewallRules: [{996DD7C6-D486-4274-A983-324DFBBF8ECA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5D518EC4-12E1-4B29-A306-1EAE8E34B8D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{06BE9732-CD11-420F-A9A3-D2196E1D962A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA8E019E-FEB5-4D01-85AB-2B6BC245A792}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08C83738-2B28-4C8D-B058-EB38B70FBFFC}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [{DF1983AB-0838-43A6-88D1-67ADC41E95F9}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [UDP Query User{18419841-CBCD-4BDB-857C-0B17FBA3FF0B}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [TCP Query User{519A7BA7-E792-4EFC-ADBD-9FCA3A3A8D7E}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe (Symantec Corporation -> Symantec Corporation)
FirewallRules: [{8DECFECD-F21F-436B-9577-F86C7BDD07C4}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{4601BEC3-9E44-4DB4-8061-41D0114D16FB}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{0BBC0EC5-9869-499E-BC66-3C5DAA1200F6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{34BA17BF-EAB6-451B-A6B6-3B6A6478B7AD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{1A947A0A-BF28-4694-B7D1-C255406FAA85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96C2283B-8374-437E-97F5-5050E9B84A97}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe (NTI Corporation -> NTI Corporation)
FirewallRules: [{54EF1D26-1E67-4317-862F-5309CF19152C}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation -> NTI Corporation)
FirewallRules: [{B59D6F63-526A-43F7-AC5A-68F2144DCFEA}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe (NTI Corporation -> NTI Corporation)
FirewallRules: [{647E0032-01BC-4442-9473-E97A88430FC3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FFA7EC80-1330-4F31-B56D-AF37E2887709}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9F754A84-D4AD-4243-990A-8A1C6065F03D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{8D1EBD10-11D9-49D0-8E76-72B8D6DCB0AC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A3A422CF-6C11-4915-A5D4-80A3DFA24233}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe (CyberLink -> )
FirewallRules: [{6CFB1F9C-EEAD-4D08-9B29-D2C16D37815E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AF3271BC-EC52-416D-AB29-7BCBDFDE4F07}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8BD4F3C1-0A7F-400D-BA48-BAE626E12907}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{D2FC1B22-249E-4BE8-A0A7-06D8CF65D344}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{1C2331FA-0DDB-47DC-A9BD-7362E41E1758}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{A4D62558-4603-4485-937B-8245607BAC8C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{EEA3A3B0-EDDF-4621-8147-E58332FD66B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2940963C-39E9-4B97-9DD5-767640C85382}C:\windows\system32\dllhost.exe] => (Block) C:\windows\system32\dllhost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{5D49D6A5-610C-4BC6-A9EC-7D19FD92F9A2}C:\windows\system32\dllhost.exe] => (Block) C:\windows\system32\dllhost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3A2E8FA8-1A54-4158-8DB4-378E355305B2}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [TCP Query User{37C3AB23-CA27-4BAE-B322-50B14B563C99}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AFC8E5AC-467D-4619-887B-69A7C2608495}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E43E000E-3CFE-402A-AD12-FD7B5A40C514}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F9F72D6B-6BF4-4E6F-9515-637E72127D5B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{3055AAA4-2B95-4D0B-9839-2AA2EEDC7C49}C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe] => (Allow) C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5AEDACC5-9D97-4806-AD23-C9EC7BBE37B9}C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe] => (Allow) C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0A69F6D2-0ECD-47E9-97A3-36E2572AE75E}] => (Block) C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{596925C1-312B-4023-9DA8-286A80A1E3D7}] => (Block) C:\users\usuari\appdata\roaming\utorrent\updates\3.5.5_44994.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EE1F81F4-64F8-491C-AE47-CE554FE271C8}] => (Allow) c:\program files (x86)\opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DFB099A9-35E9-4ED6-A10C-BAE5F0F2BC08}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C7C360FE-8727-404C-B5E4-83009F85E03A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{49B9E3F6-DA7D-4105-BB20-5DC31B157C60}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{09660095-163F-4BC7-AD50-F4DE55429200}] => (Allow) c:\program files (x86)\opera\60.0.3255.27\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

10-04-2019 15:19:04 Windows Update
14-04-2019 14:05:38 PRE-PRUEBAS (14-4-19)
14-04-2019 15:00:27 Removed Avast Driver Updater

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2019 11:04:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest.

Error: (04/15/2019 10:53:00 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/15/2019 09:52:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/15/2019 08:54:20 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/15/2019 07:52:58 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (04/15/2019 06:55:06 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/15/2019 06:53:23 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Usuari\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 63.0.3236.0,language="&#x2a;",type="win32",version="63.0.3236.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (04/15/2019 06:52:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\LG Electronics\LG PC Suite\LGPCSuite.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_42f0d9a244e0990d.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.706_none_fb43a2cb30647007.manifest.


System errors:
=============
Error: (04/15/2019 11:16:02 AM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario Acer\Usuari con SID (S-1-5-21-4013694229-2267403032-1317833026-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/15/2019 10:23:24 AM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario Acer\Usuari con SID (S-1-5-21-4013694229-2267403032-1317833026-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/15/2019 09:21:15 AM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario Acer\Usuari con SID (S-1-5-21-4013694229-2267403032-1317833026-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/15/2019 08:12:37 AM) (Source: DCOM) (EventID: 10016) (User: ACER)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario Acer\Usuari con SID (S-1-5-21-4013694229-2267403032-1317833026-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/15/2019 07:28:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (04/15/2019 07:28:27 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuari\AppData\Local\Temp\ehdrv.sys

Error: (04/15/2019 07:28:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (04/15/2019 07:28:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Usuari\AppData\Local\Temp\ehdrv.sys

Log Addition.txt (Desde “Windows Defender” hasta el final)

Windows Defender:
===================================
Date: 2019-04-14 18:10:56.387
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {666C725A-B0AF-4C8D-A7D0-9E198CAD7233}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-08 19:33:08.307
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B3A85D4A-407F-46CE-9B9A-C41F4A764141}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-08 17:12:40.060
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {21E43EC2-EA0C-44A1-8DFC-618C5E2ABD83}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-08 17:11:42.650
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DB77E01C-6933-4765-B38A-D443BE53913B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-04-08 17:03:51.716
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {938BEBBF-3FA5-46B9-B878-158ADB265E0D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-10-13 18:30:41.572
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.229.709.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.13103.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-13 18:30:41.572
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.229.709.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.13103.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-13 18:30:41.571
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.229.709.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.13103.0
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-10-13 17:52:08.386
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.229.709.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.13103.0
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-04-15 11:09:09.496
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-15 11:09:07.139
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-15 11:09:06.624
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-14 13:15:31.341
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-14 13:15:04.716
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-14 13:12:59.059
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-14 13:05:09.001
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-04-14 13:04:16.661
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 8005.28 MB
Available physical RAM: 4364.29 MB
Total Virtual: 9285.28 MB
Available Virtual: 5572.3 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:222.7 GB) (Free:31.91 GB) NTFS
Drive e: (Datos) (Fixed) (Total:222.66 GB) (Free:22.66 GB) NTFS

\\?\Volume{5ef4a200-a9f9-4e6e-a8f6-3fb46e48d8ba}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{cf456e51-0637-426b-b1a8-291bd99505b2}\ () (Fixed) (Total:0.84 GB) (Free:0.32 GB) NTFS
\\?\Volume{2ec0621a-e708-457c-bdd8-acbd7cafad24}\ (Push Button Reset) (Fixed) (Total:18.76 GB) (Free:4.14 GB) NTFS
\\?\Volume{1997a05d-d58b-4ea7-9351-c96f70047202}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Desinstalas:

Todo lo que ponga “Toolbar” o “barra”

Desinstalas:

Mcafee security scan plus

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR Extension: (Chrome Media Router) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
Task: {4F2585B0-E16F-4933-A90B-7D2FE0187C8C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Shortcut: C:\Users\Usuari\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
AlternateDataStreams: C:\ProgramData\Temp:D287FACF [102]
AlternateDataStreams: C:\ProgramData\Temp:D3A96964 [370]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, junto a estos otros:

1 me gusta

Buenas de nuevo Miguel, muchas gracias por responder :slight_smile:

Iré por pasos:

1.- Desinstalación de Google Toolbar y Mcafee security scan plus realizada con éxito.

2.- Delfix ejecutado.

3.- FIX: Fixlist creado. Pero, no sigo porque en el modo seguro no hay conexión a internet, y me extraña el hecho de que se escoja “conexión con funciones de red” y que luego no exista dicha conexión. ¿Puedo seguir con el proceso sin conexión a internet?

4.- USBFix: Entiendo que tengo que conectarlos todos y hacer un análisis, ¿correcto?. Por cierto, ¿me sabrías decir cuánto podría tardar el análisis si entre todos se van a 1 Tb de archivos? (me refiero a si hace un escaneo profundo como el ESET, o uno más ligero).

Espero que me puedas dar respuesta a las dudas, te estaré muy agradecido. Así podremos ir avanzando :wink:

Muchas gracias por tu atención Miguel y recibe un cordial saludo.

alonsotaku

Puedes hacerlo en modo seguro normal,aunque para elegir modo seguro con red tienes que elegir lo de entre las opciones que te da según las indicaciones.

Usbfix tarda poco en realidad para analizar es hacerlo con tus USB conectados que puedas tener infectados y o discos duros

1 me gusta

Hola de nuevo Miguel.

Aquí tienes los reportes:

Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Usuari (16-04-2019 10:07:05) Run:1
Running from C:\Users\Usuari\Desktop
Loaded Profiles: Usuari (Available Profiles: Usuari)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR Extension: (Chrome Media Router) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
Task: {4F2585B0-E16F-4933-A90B-7D2FE0187C8C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Shortcut: C:\Users\Usuari\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
AlternateDataStreams: C:\ProgramData\Temp:D287FACF [102]
AlternateDataStreams: C:\ProgramData\Temp:D3A96964 [370]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => removed successfully
HKLM\Software\Classes\CLSID\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
CHR Extension: (Chrome Media Router) - C:\Users\Usuari\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-07] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\PSKMAD => removed successfully
PSKMAD => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F2585B0-E16F-4933-A90B-7D2FE0187C8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F2585B0-E16F-4933-A90B-7D2FE0187C8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\Users\Usuari\Favorites\Acer\Acer.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk => moved successfully
C:\ProgramData\Temp => ":D287FACF" ADS removed successfully
C:\ProgramData\Temp => ":D3A96964" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 5 mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 109770779 B
Java, Flash, Steam htmlcache => 1278 B
Windows/system/drivers => 340597673 B
Edge => 136093198 B
Chrome => 7393360 B
Firefox => 769144200 B
Opera => 160548 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6372 B
LocalService => 0 B
NetworkService => 16710 B
NetworkService => 0 B
Usuari => 35378085 B

RecycleBin => 155200391 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:11:36 ====
De UsbFix, tengo 4 Usbs, como sólo tengo 2 puertos he tenido que hacerlo en 2 veces. 

Aquí están los 2 reportes: 

[center]**[size=4]UsbFix-Report-01[/size]**[/center]

    # ----------------------------------------------------
    # UsbFix Antivirus Free
    # ----------------------------------------------------
    # Versión : 11.014
    # Base de datos : 2019.03.26 
    # Contacto : https://www.usb-antivirus.com/es/contacto
    # ----------------------------------------------------
    # Tipo de escaneo : Full
    # Usuario : Usuari (Administrador)
    # Dispositivo : ACER
    # Comenzó : 16/04/2019 10:48:52
    # ----------------------------------------------------

    ------------ | Discos analizados |

    C:\	NTFS	(33GB/223GB)	[Fixed] 
    E:\	NTFS	(23GB/223GB)	[Fixed] 
    F:\	NTFS	(1173GB/1863GB)	[Fixed] 
    H:\	NTFS	(738GB/1863GB)	[Fixed] 

    ------------ | Elemento(s) infectado(s) |

    ~ Ningún elemento detectado ~

    ------------ | Run |

    F2 - HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
    F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
    04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    04 - HKCU\..\Run : [Chromium] "c:\users\usuari\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKCU\..\Run : [AvastBrowserAutoLaunch_9E2A2749ED8EA7F7B927726AABE5492C] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKCU\..\RunOnce : [Application Restart #1] C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -osint -url http://cdn.bitmedianetwork.com/network/r.html?u=ue1-93b8f2e56d3b4fec8c5ac528f4fa02df&next=瑨ç

´â¼ºç”¯æ½´ç‰²æ¹¥â¹´æ½£â½­ç‰°æ‘¯æ•®ç·à¨€í©œä¤»æ¬€è°€ç•§â¹©æ ¬ç‘³çŸæ•²æ•¦æ•²æ®å½¥æ ´âµ¢â¸±8&osv=42EE000A&iev=11&geo=ES&lang=es&ver=3%2e5%2e4%2e1%2e44632 04 - HKLM…\Run : [Dropbox] “C:\Program Files (x86)\Dropbox\Client\Dropbox.exe” /systemstartup 04 - [x64] HKLM…\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe 04 - [x64] HKLM…\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s 04 - [x64] HKLM…\Run : [AvastUI.exe] “C:\Program Files\AVAST Software\Avast\AvLaunch.exe” /gui 04 - [x64] HKLM…\Run : [IgfxTray] “C:\WINDOWS\system32\igfxtray.exe” 04 - [x64] HKLM…\Run : [HotKeysCmds] “C:\WINDOWS\system32\hkcmd.exe” 04 - [x64] HKLM…\Run : [Persistence] “C:\WINDOWS\system32\igfxpers.exe” 04 - HKU\S-1-5-19…\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup 04 - HKU\S-1-5-20…\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup 04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001…\Run : [CCleaner Smart Cleaning] “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR 04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001…\Run : [Chromium] “c:\users\usuari\appdata\local\chromium\application\chrome.exe” --auto-launch-at-startup --profile-directory=“Default” --restore-last-session 04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001…\Run : [AvastBrowserAutoLaunch_9E2A2749ED8EA7F7B927726AABE5492C] “C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe” --check-run=src=logon --auto-launch-at-startup --profile-directory=“Default” --restore-last-session 04 - HKU\S-1-5-19…\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade 04 - HKU\S-1-5-20…\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade 04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001…\RunOnce : [Application Restart #1] C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -osint -url http://cdn.bitmedianetwork.com/network/r.html?u=ue1-93b8f2e56d3b4fec8c5ac528f4fa02df&next=ç‘¨ç´â¼ºç”¯æ½´ç‰²æ¹¥â¹´æ½£â½­ç‰°æ‘¯æ•®ç·à¨€í©œä¤»æ¬€è°€ç•§â¹©æ ¬ç‘³çŸæ•²æ•¦æ•²æ®å½¥æ ´âµ¢â¸±8&osv=42EE000A&iev=11&geo=ES&lang=es&ver=3%2e5%2e4%2e1%2e44632 04GS - Acer Backup Manager Tray.lnk : C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    ------------ | Tasks |

    Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    Task - Adobe Flash Player NPAPI Notifier --> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe -check plugin
    Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task - ALU --> C:\Program Files (x86)\Acer\Live Updater\updater.exe -auto
    Task - ALUAgent --> C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe
    Task - Avast Emergency Update --> C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
    Task - Avast Secure Browser Heartbeat Task (Hourly) --> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
    Task - Avast Secure Browser Heartbeat Task (Logon) --> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
    Task - avastBCLRestartS-1-5-21-4013694229-2267403032-1317833026-1001 --> C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Task - AvastUpdateTaskMachineCore --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
    Task - AvastUpdateTaskMachineUA --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
    Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
    Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
    Task - CreateExplorerShellUnelevatedTask --> C:\WINDOWS\explorer.exe /NOUACCHECK
    Task - DeviceDetector --> C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
    Task - DropboxUpdateTaskMachineUA --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
    Task - EgisUpdate --> "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
    Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
    Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
    Task - NUSchedule --> C:\Program Files (x86)\Norton Utilities 15\nu.exe /F
    Task - OneDrive Standalone Update Task-S-1-5-21-4013694229-2267403032-1317833026-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task - Opera scheduled Autoupdate 1373375059 --> c:\program files (x86)\opera\launcher.exe --scheduledautoupdate $(Arg0)
    Task - Optimize Start Menu Cache Files-S-1-5-21-4013694229-2267403032-1317833026-1001
    Task - Optimize Start Menu Cache Files-S-1-5-21-4013694229-2267403032-1317833026-500
    Task - PMMUpdate --> "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
    Task - Power Management --> "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
    Task - Synaptics TouchPad Enhancements --> \Program Files\Synaptics\SynTP\SynTPEnh.exe
    Task - User_Feed_Synchronization-{69C227ED-E3F7-471E-BBE2-60E089DC440F} --> C:\Windows\system32\msfeedssync.exe sync

    ------------ | C:\ %SystemDrive% - Disco fijo (NTFS) |

    [15/08/2017 - 12:47:05 | A | 1 Ko] - GUDownLoaddebug.txt
    [15/04/2019 - 18:49:14 | A | 0 Ko] - DelFix.txt
    [16/04/2019 - 10:12:42 | ASH | 3278960 Ko] - hiberfil.sys
    [16/04/2019 - 10:12:44 | ASH | 1310720 Ko] - pagefile.sys
    [16/04/2019 - 10:12:44 | ASH | 262144 Ko] - swapfile.sys
    [20/08/2016 - 01:01:29 | D] - .oracle_jre_usage
    [15/04/2019 - 18:54:47 | SHD] - Config.Msi
    [05/08/2015 - 12:10:36 | A | 0 Ko] - ftconfig.ini
    [07/05/2014 - 18:56:19 | SHD] - $Recycle.Bin
    [02/02/2019 - 21:29:19 | HD] - $WINDOWS.~BT
    [23/11/2012 - 07:46:10 | D] - Intel
    [05/01/2013 - 10:10:25 | HD] - sources
    [10/06/2013 - 23:01:56 | SHD] - Archivos de programa
    [12/06/2013 - 17:36:38 | D] - OEM
    [22/08/2013 - 16:45:52 | SHD] - Documents and Settings
    [17/07/2014 - 20:29:29 | D] - SolidWorks Data
    [17/07/2014 - 20:59:52 | D] - SolidWorks Data (2)
    [04/08/2014 - 10:41:12 | RHD] - MSOCache
    [04/08/2014 - 11:23:14 | D] - NPE
    [06/09/2014 - 13:15:09 | D] - SOLIDWORKS Data (3)
    [16/10/2015 - 15:48:05 | D] - e9e58269372413efc89e
    [30/10/2015 - 09:18:34 | N | 0 Ko] - BOOTNXT
    [30/03/2016 - 16:28:57 | D] - $SysReset
    [01/10/2017 - 18:52:32 | D] - ProyectosCTEyCEE
    [01/10/2017 - 18:53:45 | D] - ProgramasCTEyCEE
    [24/10/2017 - 18:33:06 | D] - Software DELSOL
    [31/12/2017 - 19:07:14 | D] - AdwCleaner
    [12/04/2018 - 01:38:20 | D] - PerfLogs
    [09/06/2018 - 14:08:53 | SHD] - Recovery
    [09/06/2018 - 14:13:17 | RD] - Users
    [10/11/2018 - 20:42:05 | D] - ACER
    [10/11/2018 - 20:42:07 | HD] - $AV_ASW
    [24/12/2018 - 10:04:17 | D] - iijcujxnto__
    [15/04/2019 - 18:26:23 | RD] - Program Files
    [15/04/2019 - 18:26:23 | HD] - ProgramData
    [15/04/2019 - 19:07:37 | D] - Windows
    [16/04/2019 - 10:13:42 | D] - FRST
    [16/04/2019 - 10:48:36 | RD] - Program Files (x86)

    ------------ | E:\ - Disco fijo (NTFS) |

    [15/02/2019 - 23:18:20 | A | 992360 Ko] - Poemas 2015 (14-2-19).rar
    [20/08/2015 - 19:55:46 | A | 76 Ko] - 627 Elipses ^_^.png
    [10/08/2017 - 19:15:32 | A | 765 Ko] - Eres-exitoso2..png
    [13/02/2019 - 00:06:11 | A | 422 Ko] - sanrodrim-24.pdf
    [13/02/2019 - 23:03:43 | A | 368 Ko] - Ana8929 .pdf
    [06/04/2019 - 22:17:17 | A | 1588 Ko] - programasantacreu2019mail.pdf
    [10/04/2019 - 15:31:14 | A | 411275 Ko] - Dibujo-IIal-Uni-Jaume1.pdf
    [17/11/2015 - 00:23:50 | A | 40 Ko] - 7 cosas que hice para reboot my vida.odt
    [24/02/2018 - 21:36:09 | A | 43 Ko] - 5 cosas que los viejos programadores deberían recordar.odt
    [09/05/2018 - 11:18:33 | A | 12 Ko] - Tarjetas-banco.odt
    [22/11/2018 - 20:30:57 | A | 11 Ko] - Batería-movil-Josep.odt
    [16/01/2019 - 19:40:12 | A | 13 Ko] - My-bici-estática.ods
    [19/02/2019 - 12:21:12 | A | 8 Ko] - Gastos....ods
    [13/04/2019 - 22:08:07 | A | 2 Ko] - Luisón-20_claves_aperturas.pdf - Acceso directo.lnk --> E:\My Documents\personal affaires (1-8-12)\tiempo libre\Juegos\ajedrez\Luisón-20_claves_aperturas.pdf
    [17/04/2016 - 18:44:16 | A | 3590 Ko] - DSCF3862.JPG
    [17/04/2016 - 19:23:50 | A | 4036 Ko] - DSCF3930.JPG
    [18/06/2017 - 15:36:27 | A | 562 Ko] - marc-clotet-jugador-de-ajedrez-cartel.jpg
    [21/06/2017 - 23:01:07 | A | 129 Ko] - The-Promise.jpg
    [18/07/2017 - 21:57:01 | A | 139 Ko] - Débora-Aguelo-(María León).jpg
    [13/10/2017 - 14:24:25 | SH | 2 Ko] - AlbumArt_{8539662A-247F-48DF-8BFF-0B7C51CCBE37}_Small.jpg
    [13/10/2017 - 14:24:25 | SH | 2 Ko] - AlbumArtSmall.jpg
    [13/10/2017 - 14:24:25 | SH | 6 Ko] - Folder.jpg
    [13/10/2017 - 14:24:25 | SH | 6 Ko] - AlbumArt_{8539662A-247F-48DF-8BFF-0B7C51CCBE37}_Large.jpg
    [18/05/2018 - 15:15:53 | A | 538 Ko] - Casco-espartano.jpg
    [25/05/2018 - 13:22:46 | A | 34 Ko] - fénix.jpg
    [13/10/2018 - 17:06:21 | A | 122 Ko] - ColdPlay-Colors.jpg
    [03/02/2019 - 14:58:22 | A | 36 Ko] - Pegaso.jpg
    [15/02/2019 - 17:01:45 | A | 511 Ko] - Almendro (10-2-19).jpg
    [16/02/2019 - 17:07:50 | A | 1059 Ko] - 2019-02-02 18.12.58.jpg
    [16/02/2019 - 17:07:50 | A | 1005 Ko] - 2019-02-02 18.13.07.jpg
    [16/02/2019 - 17:07:50 | A | 1038 Ko] - 2019-02-02 18.13.16.jpg
    [09/03/2019 - 17:44:18 | A | 5541 Ko] - Jardín-de-las-delicias.jpg
    [13/10/2017 - 14:24:26 | SH | 0 Ko] - desktop.ini
    [25/01/2019 - 14:54:08 | A | 8037 Ko] - Marcadores (24-1-19) ILU.....html
    [04/04/2019 - 22:17:55 | A | 8201 Ko] - Marcadres (4-19).html
    [27/11/2018 - 20:33:03 | A | 68565 Ko] - InstallTomTomMyDriveConnect.exe
    [21/07/2015 - 17:37:28 | SHD] - $RECYCLE.BIN
    [04/08/2017 - 23:01:32 | RD] - POR MIRAR -PEN Y CSs-
    [26/10/2018 - 11:47:16 | D] - ESCRITORIO-10-18
    [25/12/2018 - 16:25:34 | RD] - My Documents
    [14/04/2019 - 12:24:22 | D] - Poemas 2015 (14-2-19)
    [14/04/2019 - 12:26:54 | D] - Avengers
    [14/04/2019 - 12:33:12 | D] - fotos-movil

    ------------ | F:\ - Disco fijo (NTFS) |

    [16/02/2019 - 13:58:00 | D] - CS 3.x
    [23/10/2018 - 15:27:33 | A | 675 Ko] - Tamaño-original.png
    [06/10/2016 - 02:55:32 | A | 1287 Ko] - Instruction Manual for Safety and Comfort.pdf
    [05/12/2017 - 09:46:18 | A | 5018 Ko] - TOSHIBA CANVIO BASICS.pdf
    [23/10/2018 - 15:18:48 | A | 4 Ko] - Webs caja.pdf
    [23/10/2018 - 15:17:19 | A | 10 Ko] - Webs caja.odt
    [23/10/2018 - 15:22:31 | SHD] - $RECYCLE.BIN

    ------------ | H:\ - Disco fijo (NTFS) |

    [13/04/2019 - 18:21:29 | D] - CS 2.x
    [05/07/2017 - 17:46:04 | A | 136 Ko] - Tamaño-original.png
    [13/07/2015 - 14:27:56 | A | 4772 Ko] - TOSHIBA CANVIO BASICS.pdf
    [05/07/2017 - 17:41:57 | SHD] - $RECYCLE.BIN
    [03/03/2019 - 17:34:17 | D] - FIFA 15 Ultimate Team Ed [PCDVD+Crack CPY]

    Elemento(s) infectado(s) : 0
    Elementos analizados : 88639 en 00h 00m 15s

    # UsbFix-Report-01.txt [12803B]

    ------------ | E.O.F  |

Miguel, copio y pego todo el reporte de UsbFix (el 1º) y me sale así partido en 2 :scream:, no lo entiendo, no te paso ningún reporte más, porque sospecho que el 2º saldrá igual. No te quiero ir poniendo duda tras duda. Coméntame qué podemos hacer con esto (a lo mejor me dices que está bien y que sale así) y te seguiré poniendo los reportes. Disculpa si no es la solución acertada y debería ponerte todos, pero prefiero aclarar esto antes de seguir :roll_eyes:

¿ok? Muchas gracias por tu atención y disculpa las molestias.

PD: ¿Puedo poner más de un reporte en cada mensaje o me recomiendas que utilice un mensaje para cada reporte? El problema que veo, y que os mando como sugerencia, es que yo cuando selecciono el texto y clico en los corchetes de código, no veo ningún elemento gráfico que me indique que, en efecto, es línea de código. Por eso creo que a la hora de enviar 2 reportes en un mensaje puede ser un poco lioso.

Un saludo,

alonsotaku

Los reportes puedes pegarlos en cada respuesta uno de cada vez, si te cogen todos en una , da igual

Pon los que faltan y luego analizó todos los reportes y te doy respuestas

1 me gusta

Ok. Aquí va el siguiente:

**[center][size=4]UsbFix-Report-02.txt[/size][/center]**

    # ----------------------------------------------------
    # UsbFix Antivirus Free
    # ----------------------------------------------------
    # Versión : 11.014
    # Base de datos : 2019.03.26 
    # Contacto : https://www.usb-antivirus.com/es/contacto
    # ----------------------------------------------------
    # Tipo de escaneo : USB
    # Usuario : Usuari (Administrador)
    # Dispositivo : ACER
    # Comenzó : 16/04/2019 10:56:53
    # ----------------------------------------------------

    ------------ | Discos analizados |

    F:\	FAT	(494GB/500GB)	[Removable] 
    G:\	FAT32	(30GB/30GB)	[Removable] 

    ------------ | Elemento(s) infectado(s) |

    ~ Ningún elemento detectado ~

    ------------ | Run |

    F2 - HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
    F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
    04 - HKCU\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    04 - HKCU\..\Run : [Chromium] "c:\users\usuari\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKCU\..\Run : [AvastBrowserAutoLaunch_9E2A2749ED8EA7F7B927726AABE5492C] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKCU\..\RunOnce : [Application Restart #1] C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -osint -urlhttp://cdn.bitmedianetwork.com/network/r.html?u=ue1-93b8f2e56d3b4fec8c5ac528f4fa02df&next
    04 - HKLM\..\Run : [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    04 - [x64] HKLM\..\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
    04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    04 - [x64] HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
    04 - [x64] HKLM\..\Run : [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
    04 - [x64] HKLM\..\Run : [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"
    04 - [x64] HKLM\..\Run : [Persistence] "C:\WINDOWS\system32\igfxpers.exe"
    04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
    04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
    04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\..\Run : [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\..\Run : [Chromium] "c:\users\usuari\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\..\Run : [AvastBrowserAutoLaunch_9E2A2749ED8EA7F7B927726AABE5492C] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
    04 - HKU\S-1-5-19\..\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
    04 - HKU\S-1-5-20\..\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
    04 - HKU\S-1-5-21-4013694229-2267403032-1317833026-1001\..\RunOnce : [Application Restart #1] C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -osint -url http://cdn.bitmedianetwork.com/network/r.html?u=ue1-93b8f2e56d3b4fec8c5ac528f4fa02df&next=ç‘¨ç´â¼ºç”¯æ½´ç‰²æ¹¥â¹´æ½£â½­ç‰°æ‘¯æ•®ç·à¨€í©œä¤»æ¬€è°€ç•§â¹©æ

¬ç‘³çŸæ•²æ•¦æ•²æ®å½¥æ ´âµ¢â¸±8&osv=42EE000A&iev=11&geo=ES&lang=es&ver=3%2e5%2e4%2e1%2e44632 04GS - Acer Backup Manager Tray.lnk : C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

    ------------ | Tasks |

    Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    Task - Adobe Flash Player NPAPI Notifier --> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe -check plugin
    Task - Adobe Flash Player Updater --> C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task - ALU --> C:\Program Files (x86)\Acer\Live Updater\updater.exe -auto
    Task - ALUAgent --> C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe
    Task - Avast Emergency Update --> C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
    Task - Avast Secure Browser Heartbeat Task (Hourly) --> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
    Task - Avast Secure Browser Heartbeat Task (Logon) --> C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
    Task - avastBCLRestartS-1-5-21-4013694229-2267403032-1317833026-1001 --> C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Task - AvastUpdateTaskMachineCore --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
    Task - AvastUpdateTaskMachineUA --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
    Task - CCleaner Update --> C:\Program Files\CCleaner\CCUpdate.exe
    Task - CCleanerSkipUAC --> "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
    Task - CreateExplorerShellUnelevatedTask --> C:\WINDOWS\explorer.exe /NOUACCHECK
    Task - DeviceDetector --> C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
    Task - DropboxUpdateTaskMachineUA --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
    Task - EgisUpdate --> "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
    Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
    Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
    Task - NUSchedule --> C:\Program Files (x86)\Norton Utilities 15\nu.exe /F
    Task - OneDrive Standalone Update Task-S-1-5-21-4013694229-2267403032-1317833026-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task - Opera scheduled Autoupdate 1373375059 --> c:\program files (x86)\opera\launcher.exe --scheduledautoupdate $(Arg0)
    Task - Optimize Start Menu Cache Files-S-1-5-21-4013694229-2267403032-1317833026-1001
    Task - Optimize Start Menu Cache Files-S-1-5-21-4013694229-2267403032-1317833026-500
    Task - PMMUpdate --> "C:\Program Files\EgisTec IPS\PMMUpdate.exe"
    Task - Power Management --> "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
    Task - Synaptics TouchPad Enhancements --> \Program Files\Synaptics\SynTP\SynTPEnh.exe
    Task - User_Feed_Synchronization-{69C227ED-E3F7-471E-BBE2-60E089DC440F} --> C:\Windows\system32\msfeedssync.exe sync

    ------------ | F:\ - Disco extraíble (FAT) |

    [04/08/2012 - 23:54:08 | H | 0 Ko] - AUTORUN.INF
    [07/01/2019 - 21:40:36 | N | 6016 Ko] - test_write1.dvr
    [07/01/2019 - 21:40:34 | RD] - ALIDVRS2

    ------------ | G:\ - Disco extraíble (FAT32) |

    [15/02/2019 - 17:09:28 | A | 27 Ko] - 2 copias-Blanco-negro.pdf
    [15/02/2019 - 17:28:52 | A | 60 Ko] - A4-1página-blanco-y-negro.pdf
    [16/02/2019 - 17:34:18 | A | 5 Ko] - 2 copias-teléfonos.pdf
    [03/10/2014 - 09:44:42 | H | 0 Ko] - AUTORUN.INF

    Elemento(s) infectado(s) : 0
    Elementos analizados : 62258 en 00h 00m 07s

    # UsbFix-Report-02.txt [7795B]

    ------------ | E.O.F  |

mbar-log-2019-04-16 (11-04-27)

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.04.16.04
  rootkit: v2019.04.16.04

Windows 10 x64 NTFS
Internet Explorer 11.706.17134.0
Usuari :: ACER [administrator]

16/04/2019 11:04:27
mbar-log-2019-04-16 (11-04-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 250596
Time elapsed: 33 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

system-log.txt

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.706.17134.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8394141696, free: 5860352000

Downloaded database version: v2019.04.16.04
Downloaded database version: v2019.04.16.04
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     04/16/2019 11:04:20
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\aswElam.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\wd\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\drivers\aswVmm.sys
\SystemRoot\system32\drivers\aswRvrt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\aswbuniv.sys
\SystemRoot\system32\drivers\aswblog.sys
\SystemRoot\system32\drivers\aswbidsh.sys
\SystemRoot\system32\drivers\aswArDisk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys
\SystemRoot\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\vmbkmclr.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
\SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\drivers\aswHdsKe.sys
\SystemRoot\system32\drivers\aswbidsdriver.sys
\SystemRoot\system32\drivers\aswArPot.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\k57nd60a.sys
\SystemRoot\System32\drivers\bScsiSDa.sys
\SystemRoot\System32\drivers\SCSIPORT.SYS
\SystemRoot\System32\drivers\bScsiMSa.sys
\SystemRoot\System32\drivers\b57xdbd.sys
\SystemRoot\System32\drivers\NETwew01.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\aPs2Kb2Hid.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\??\C:\Windows\system32\drivers\UBHelper.sys
\??\C:\Windows\system32\drivers\NTIDrvr.sys
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\b57xdmp.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\aswStm.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\C1555223.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2019.04.16.04
  rootkit: v2019.04.16.04

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffa007a5867060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffa007a5867c10, DeviceName: Unknown, DriverName: \Driver\aswArDisk\
DevicePointer: 0xffffa007a497f8d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffa007a5867060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffa007a3de8060, DeviceName: \Device\0000002c\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: F63793C6

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 4189382743
    GPT Header CurrentLba = 1 BackupLba 976773167
    GPT Header FirstUsableLba 34  LastUsableLba 976773134
    GPT Header Guid ebe77eec-7d63-4480-bcff-da736804b1e
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 4189382743
    Backup GPT header CurrentLba = 976773167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 976773134
    Backup GPT header Guid ebe77eec-7d63-4480-bcff-da736804b1e
    Backup GPT header Contains 128 partition entries starting at LBA 976773135
    Backup GPT header Partition entry size = 128

    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 5ef4a200-a9f9-4e6e-a8f6-3fb46e48d8ba
    FirstLBA 2048  Last LBA 821247
    Attributes 1
    Partition Name                 Basic data partition

    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 1997a05d-d58b-4ea7-9351-c96f704722
    FirstLBA 821248  Last LBA 1435647
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 2d84d039-4633-433f-a014-ab954162e254
    FirstLBA 1435648  Last LBA 1697791
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 4078cff0-ec24-42a7-b5ed-fde3d0e7df8f
    FirstLBA 1697792  Last LBA 468731627
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID cf456e51-637-426b-b1a8-291bd9955b2
    FirstLBA 468731904  Last LBA 470484991
    Attributes 1
    Partition Name                                     

    Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 70c7c8bf-8776-4900-a214-8a346a3c278d
    FirstLBA 470484992  Last LBA 937426943
    Attributes 0
    Partition Name                 Basic data partition

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 2ec0621a-e708-457c-bdd8-acbd7cafad24
    FirstLBA 937428992  Last LBA 976773119
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-465C25EE574A1FE2C37CDACB84A184A4A123EC06.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-465C25EE574A1FE2C37CDACB84A184A4A123EC06.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-465C25EE574A1FE2C37CDACB84A184A4A123EC06.bin.83" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

AdwCleaner[C00].txt

-------------------------------

# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-16-2019
# Duration: 00:00:02
# OS:       Windows 10 Home
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Public\Documents\Downloaded Installers
Deleted       C:\Users\Usuari\AppData\Local\slimware utilities inc

***** [ Files ] *****

Deleted       C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1434 octets] - [16/04/2019 11:58:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Bueno, ya tienes todos los reportes, espero paciente instrucciones :wink:

Por cierto, me gustaría comentarte una cosa, en todos los Usbs, no tenía infección, pero en uno, en el de menor tamaño, había una carpeta por nombre ALIDVRS y un archivo: test_write1.dvr (si no los escribo mal…). Cosas tan raras ni por asomo las he puesto yo, ¿qué pueden ser? ¿crees que las puedo (o debo) borrar sin problemas?

Muchas gracias por tu atención :slight_smile:

Recibe un cordial saludo Miguel.

alonsotaku

https://www.ftatv.org/foro/viewtopic.php?t=4594

Esto es sobre es carpeta de tu Usb…lee las primeras respuestas

Luego ejecuta la herramienta de limpieza de Malwarebytes.

Reinicia el pc y reinstalas

Comentas como va todo