Malware that multiplies tasks Trojan.Agent.AutoIt.Generic

I have run Rkill by Grinler, Malwarebytes 4.x and ESET Online QuickScan, but the tasks keep multiplying, consuming a lot of memory and slowing down the computer. What should I do now?

My operating system is Windows 10

Hello @mherna4

Welcome to the Forum!!!

Can you identify which tasks are multiplying? Check the Task Manager, or which process is consuming your memory?

In your next reply, paste the reports that those tools generated.

Regards

The tasks that multiply are Notepad and the browsers: Google Chrome, Firefox, Brave, … the ones I have installed and open a session in.

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/14/2020 01:05:53 AM in x64 mode.
Windows Version: Windows 10 Home 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 01/14/2020 01:06:10 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

Hello @mherna4

The Malwarebytes and ESET reports are missing; I am leaving you their manuals so that you know how to find them and paste them in your next reply:


Also, do the following:

1.- Temporarily disable your antivirus and any other security program.

2.- Download Farbar Recovery Scan Tool to the desktop, selecting the right version for your computer's architecture (32 or 64 bits). >> How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Guide: How to Run FRST

3.- In your next reply, paste the generated reports.

Guide: How to Paste Reports in the Forum?

We await those reports.

Regards

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/1/20
Hora del análisis: 20:31
Archivo de registro: 6ecee5ce-3704-11ea-b7c4-48e244f5cbb0.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.793
Versión del paquete de actualización: 1.0.17730
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: DELL-MARIANO\mhern

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 337860
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 8 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
14/01/2020 21:49:38
Archivos analizados: 626564
Archivos infectados: 2
Amenazas desinfectadas: 0
Tiempo total de análisis 01:04:26
Estado del análisis: Finalizado
C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa	Ha ocurrido un error mientras se estaba eliminación (Acceso denegado).

C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-959.vpx	Win32/Bundled.Toolbar.Google.D aplicación potencialmente peligrosa	Ha ocurrido un error mientras se estaba eliminación (Acceso denegado).
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 12-01-2020
Ejecutado por mhern (14-01-2020 22:06:31)
Ejecutado desde C:\Users\mhern\Downloads
Windows 10 Home Versión 1909 18363.535 (X64) (2019-10-03 20:38:26)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3787823761-1503905710-587562436-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3787823761-1503905710-587562436-503 - Limited - Disabled)
Invitado (S-1-5-21-3787823761-1503905710-587562436-501 - Limited - Disabled)
mhern (S-1-5-21-3787823761-1503905710-587562436-1001 - Administrator - Enabled) => C:\Users\mhern
WDAGUtilityAccount (S-1-5-21-3787823761-1503905710-587562436-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
adobe (HKLM\...\{1AB383B9-C9F6-4E37-8F41-5AAEF11B8A36}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2019 (HKLM-x32\...\DRWV_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 7.0.0.0 - iMobie Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.59.1 - Asmedia Technology)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Ayuda y asistencia técnica de Dell (HKLM\...\{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.) Hidden
Ayuda y asistencia técnica de Dell (HKLM-x32\...\InstallShield_{8917AEA5-01A5-476F-AA27-A52EA6C94212}) (Version: 2.6.1.0 - Dell Inc.)
calibre 64bit (HKLM\...\{C9FD7BFF-6054-449C-BCDB-C2A0B43516A7}) (Version: 4.5.0 - Kovid Goyal)
Citrix Online Launcher (HKLM-x32\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM)
Corel Graphics - Windows Shell Extension (HKLM\...\_{C7C5C180-248D-4CF4-8636-4568DE8EDC3B}) (Version: 19.1.0.419 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{C7C5C180-248D-4CF4-8636-4568DE8EDC3B}) (Version: 19.1.419 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{58EA2241-5840-4C95-A5A5-82FD2F037D72}) (Version: 19.1.419 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.4.245 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - Capture (x64) (HKLM\...\{AC9BB7B7-A763-43C5-9830-F3B78FDB051D}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Common (x64) (HKLM\...\{B8C51F00-63AE-4327-A533-375CB7B6BF26}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Connect (x64) (HKLM\...\{BD0F92AD-DFDB-4BC5-BAA5-FB27892F9483}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Custom Data (x64) (HKLM\...\{E7975CC5-05E4-45E3-AFD3-234809F694A0}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Draw (x64) (HKLM\...\{A16C7EEB-69CB-42A1-AD10-0E19A133D957}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - ES (x64) (HKLM\...\{0EAC29D4-5379-4595-ACE9-FA6A3DC08418}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Filters (x64) (HKLM\...\{EEC42BAD-9517-450D-AF99-FA3C16D0377C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Font Manager (x64) (HKLM\...\{D276DE88-654E-4738-A736-6E18D12F0C34}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content ES (x64) (HKLM\...\{B8719BFF-D4FE-45C7-99E1-811EBF8BB6CD}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM T (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - PHOTO-PAINT (x64) (HKLM\...\{B2D66383-4F98-4108-B6A3-F9CF8715875C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Redist (x64) (HKLM\...\{47865C60-4ED8-4678-B23F-C2D1C2DDC09C}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Setup Files (x64) (HKLM\...\{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VBA (x64) (HKLM\...\{5330DEB9-A612-4679-ACC1-D3D9C6190824}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - VideoBrowser (x64) (HKLM\...\{C451F155-26B7-48F2-8A8F-9428B4D479D2}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Workspaces (x64) (HKLM\...\{F3EFAF0E-DF3C-4384-8A0F-90D79FEFD7F5}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 (64-Bit) (HKLM\...\_{07B49D5C-2AB6-4D40-8A9B-BEDA6021A7C7}) (Version: 19.1.0.419 - Corel Corporation)
CorelDRAW Graphics Suite 2017 (HKLM\...\{79C52519-B717-45C2-8845-E55419A8E685}) (Version: 19.1 - Corel Corporation) Hidden
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{40B4F37A-DBE4-49AE-9B42-B4C49A81D2C9}) (Version: 4.0.41.0 - Dell Inc.)
Dell Dock Update (HKLM-x32\...\{6C4547B7-084A-4992-BFBF-9F6C6E2DC3EA}) (Version: 1.0.115.0 - Dell Inc.)
Dell PremierColor (HKLM\...\{5CA2B02F-FC89-4F42-A3DA-7649B8EFF194}) (Version: 2.0.199 - Portrait Displays, Inc.)
Dell SupportAssist Remediation (HKLM\...\{52564BB9-17C5-425E-ABEC-1DC2736AA775}) (Version: 5.0.1.10874 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{cd039b79-e779-4a8e-b9cd-25fac5b640cc}) (Version: 5.0.1.10874 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{67F3CB4D-F497-4C94-8CE4-4766E4AFAC9A}) (Version: 5.0.1.10874 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{0a512309-7eae-455f-a202-07038e9da624}) (Version: 5.0.1.10874 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 1.566.0.0 - Dell Inc.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FileZilla Client 3.46.3 (HKLM-x32\...\FileZilla Client) (Version: 3.46.3 - Tim Kosse)
Firefox Developer Edition 73.0 (x64 es-ES) (HKLM\...\Firefox Developer Edition 73.0 (x64 es-ES)) (Version: 73.0 - Mozilla)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Glary Utilities 5.133 (HKLM-x32\...\Glary Utilities 5) (Version: 5.133.0.159 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoToMeeting 8.14.0.7716 (HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\GoToMeeting) (Version: 8.14.0.7716 - LogMeIn, Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{E8FF0A82-0696-4347-B4AE-708DE306FFE9}) (Version: 12.14.49.15 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.311 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6951 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.5.1025 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kindle Comic Converter (HKLM\...\{7D279A59-C65E-4DA7-B165-56DD06596216}_is1) (Version: 5.4.5 - Ciro Mattia Gonano, Paweł Jastrzębski)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.29.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.2 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Panel de control de NVIDIA 431.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.70 - NVIDIA Corporation) Hidden
PeaZip 7.0.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 7.0.0 - Giorgio Tani)
PNGOUTWin 1.0 (HKLM\...\PNGOUTWIN_is1) (Version: 1.0.5.100 - Ardfry Imaging, LLC)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.0.7 - Vaclav Slavik)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8233 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.215 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.33.419.2019 - Realtek)
Registro de product (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Registro de product Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
SMPlayer 19.10.0 (x64) (HKLM\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Software Thunderbolt™ (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\WhatsApp) (Version: 0.3.9309 - WhatsApp)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.1.730 - Broadcom Corporation)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated)
Adobe XD CC -> C:\Program Files\WindowsApps\Adobe.CC.XD_17.0.12.11_x64__adky2gkssdxte [2019-03-15] (Adobe Systems Incorporated)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.50.0_x64__htrsf667h5kn2 [2019-12-21] (Dell Inc)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-04-02] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3787823761-1503905710-587562436-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1F5F47AF7C8D} -> [Creative Cloud Files] => C:\Users\mhern\Creative Cloud Files [2018-02-25 03:11]
CustomCLSID: HKU\S-1-5-21-3787823761-1503905710-587562436-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\mhern\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3787823761-1503905710-587562436-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-12-04] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\igfxDTCM.dll [2019-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-11] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\mhern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

==================== Módulos cargados (Lista blanca) =============

2019-11-25 09:41 - 2016-07-21 10:54 - 000137728 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-11-25 09:41 - 2017-09-12 10:34 - 001506304 _____ () [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-06-19 13:02 - 2019-06-19 13:02 - 000019456 _____ () [Archivo no firmado] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Archivo no firmado] C:\WINDOWS\System32\mvtcpmon.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Archivo no firmado] C:\WINDOWS\System32\slp64.dll
2019-11-25 09:41 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [Archivo no firmado] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\sharepoint.com -> hxxps://auragroup-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2015-10-30 08:24 - 2019-01-04 15:09 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Dell\DW WLAN Card;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Calibre2\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mhern\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\StartupApproved\Run: => "DellSystemDetect"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [UDP Query User{DF490283-E9D8-4BC6-B84F-436634A3CA23}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [TCP Query User{4A2E31CE-9B76-41ED-AE48-85AA09FDD2F2}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [UDP Query User{BC2022FD-67AD-4638-85D7-7ED426B71426}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [TCP Query User{2EAC722A-5F11-4FE9-9CCE-5462A700BB61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [UDP Query User{82E02CDD-54D6-4CEC-8C97-7A6C7BAA6546}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{581D0F52-2C7B-436D-A668-78D6AF7CD3E2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{984B43A0-E744-49F2-83F2-151CD79541D8}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA02D418-729A-4694-AB6C-E11228C1ED22}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E063D3CF-C0E2-4A99-A7BE-55AA45A38FCF}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{AB6EF53D-3F93-471F-97E6-D3E61BFC3065}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{ABAD0ACD-CABB-4450-AE12-70FB452C60AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{483DA937-E31A-43EC-8498-43CD1CD120E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{581C6DB6-E6ED-41DE-818E-1EB8AE657A7C}] => (Allow) LPort=161
FirewallRules: [{A650009A-B3D3-4D4F-8C46-C56CA6F9CC6F}] => (Allow) LPort=427
FirewallRules: [{371F63EA-E9CE-4A32-82FA-6C20C1AF35BA}] => (Allow) LPort=9100
FirewallRules: [{BE99B36A-DF25-4348-8E80-1973C2196C24}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{1B2E61DA-8399-451E-8D89-1349C3DF1CCD}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{A4C7C5DF-004F-4A7D-A349-99EDA4E37DE7}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo
FirewallRules: [{1D7945E5-58FE-46FF-B2F7-0729887139EA}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo
FirewallRules: [{D1ABEA1D-D818-406C-A8C0-53E224041E90}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BAB3A61-F660-437D-92FA-1CB398540BEC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9726261B-CB50-4421-855A-D9784633F731}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2309D231-7046-4DA6-904D-62D048FFBE36}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5A82A55D-448B-4ABC-99B3-1AF2711032A4}C:\program files\smplayer\simple_web_server.exe] => (Allow) C:\program files\smplayer\simple_web_server.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{178FF953-F1F0-442F-B7CA-AA91166A3788}C:\program files\smplayer\simple_web_server.exe] => (Allow) C:\program files\smplayer\simple_web_server.exe () [Archivo no firmado]
FirewallRules: [{52A7381B-F020-4ABE-B550-059090167494}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6BC4256B-C08F-478F-B672-02EAA6E1D3F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84D9DB7F-A000-4B82-8CA4-0B4E61286D90}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{19ABBA1C-7F6F-406E-B76D-D437026CC276}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [UDP Query User{AC5529B6-FC64-4982-A7D2-3120106D7F18}C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe] => (Block) C:\program files\adobe\adobe dreamweaver cc 2019\node\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [{05B42BDF-B0BD-4E58-9124-D9D93621B16B}] => (Block) %ProgramFiles%\Adobe\Adobe Dreamweaver CC 2019\Dreamweaver.exe Ningún archivo
FirewallRules: [TCP Query User{2D55645C-6367-48C5-8A40-9121DFB4C8C9}C:\users\mhern\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\mhern\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D665D8D5-B1E1-4B75-934A-D383ED17A519}C:\users\mhern\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\mhern\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9473E51A-7239-4AC7-A5E6-EAAB9162C57E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8B3C264-060A-4E0C-A242-4833680D6FA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0EB4F0E-DA17-4223-A7AE-4D0E412483B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6BC77652-7F64-4CFF-81FE-AF9DCBA315E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDDB0E2D-C288-4575-9953-6A363C513404}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

23-12-2019 18:23:33 Dell Client Management Service
13-01-2020 22:16:05 Instalador de Módulos de Windows

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/14/2020 09:36:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15948,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 08:46:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9248,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 08:35:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7704,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 08:25:36 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 13464 y el tamaño necesario es 43160.

Error: (01/14/2020 01:45:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18304,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 01:38:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2008,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 01:31:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21188,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 01:06:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (412,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (01/14/2020 08:44:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (01/14/2020 08:44:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mhern\AppData\Local\Temp\ehdrv.sys

Error: (01/14/2020 08:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (01/14/2020 08:44:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mhern\AppData\Local\Temp\ehdrv.sys

Error: (01/14/2020 08:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (01/14/2020 08:44:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mhern\AppData\Local\Temp\ehdrv.sys

Error: (01/14/2020 08:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (01/14/2020 08:44:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mhern\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================

Date: 2020-01-14 22:06:42.628
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:42.620
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:11.518
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:06.293
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:04.321
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:03.897
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:03.869
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-14 22:06:03.828
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Dell Inc. 1.12.0 10/03/2019
Placa base: Dell Inc. 0N7TVV
Procesador: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Porcentaje de memoria en uso: 53%
RAM física total: 16245.57 MB
RAM física disponible: 7530.88 MB
Virtual total: 21877.57 MB
Virtual disponible: 11634.14 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:463.94 GB) (Free:268.44 GB) NTFS

\\?\Volume{3dfd0db8-5268-4425-a8d3-0706c1cf1d8f}\ () (Fixed) (Total:0.77 GB) (Free:0.34 GB) NTFS
\\?\Volume{18631039-17db-441d-a237-a5072ac6d38b}\ (Image) (Fixed) (Total:11.61 GB) (Free:0.65 GB) NTFS
\\?\Volume{4bbcc010-b14e-4fc5-9df2-5a6a80908245}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: E00A89FA)

Partition: GPT.

==================== Final de Addition.txt =======================

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 12-01-2020
Ejecutado por mhern (administrador) sobre DELL-MARIANO (Dell Inc. XPS 15 9550) (14-01-2020 22:05:24)
Ejecutado desde C:\Users\mhern\Downloads
Perfiles cargados: mhern (Perfiles disponibles: mhern)
Platform: Windows 10 Home Versión 1909 18363.535 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arcai.com) [Archivo no firmado] C:\Program Files (x86)\netcut\services\aips.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132932.inf_amd64_868558f81296a89b\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(PORTRAIT DISPLAYS, INC. -> ) C:\Program Files\Portrait Displays\Dell PremierColor\CTHelper.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9244656 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502704 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PremierColor] => C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe [3889904 2015-11-14] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502704 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2019-12-09] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [50a3a293] => C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe C:\ProgramData\Intel\Wireless\622b466\3874450.au3
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2015-08-21] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-02-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
BootExecute: autocheck autochk *  
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {00F664E8-E662-4443-B3DA-3B72AB396405} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {03FEDB07-E342-468F-8226-9085C5EC21E5} - System32\Tasks\{8F39D06C-F036-432C-B4B9-2D8630855E3C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.103/es/go/help.faq.installer?LastError=1603
Task: {06DA189C-CB8B-4500-BC36-F93473D1079B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07B1BC67-687E-48F0-8656-83B44228D4F5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {0968913E-B2EF-428E-8325-91009B3D0FBA} - System32\Tasks\{D3B746EB-33DF-4990-B6C4-DF13A55559A8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.64.101/es/go/help.faq.installer?LastError=1603
Task: {0A9228D9-1A5A-4426-982F-02F22F01A3C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {0C04F1E8-FCDB-4BDD-83B4-ED0BF7C99D03} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1627072 2017-09-26] (Corel Corporation -> Corel Corporation)
Task: {0E2250A9-C6E5-4948-BE15-8B094890DB13} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12966A28-4774-440C-86A0-98CE2ED6E5EC} - System32\Tasks\{18601FAE-CA7B-4B88-ABB1-40DE49345852} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.0.101/es/go/help.faq.installer?LastError=1603
Task: {15F33D86-8E62-49C3-8C1B-D713A2DE9C64} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {1C911887-B4DA-438E-A065-EF2714960C98} - System32\Tasks\G2MUploadTask-S-1-5-21-3787823761-1503905710-587562436-1001 => C:\Users\mhern\AppData\Local\GoToMeeting\7716\g2mupload.exe [31808 2017-10-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {20C02699-0CEA-48B7-9E6C-DD0A4C16A240} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {22B886AB-85AF-4FC6-A51C-E39A5B656347} - System32\Tasks\G2MUpdateTask-S-1-5-21-3787823761-1503905710-587562436-1001 => C:\Users\mhern\AppData\Local\GoToMeeting\7716\g2mupdate.exe [31808 2017-10-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {2BE68D43-325B-4E0F-963D-1025C1577527} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {2E808AC8-6A43-4B2E-AEB0-9227C3904D3C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {2FD033D7-5D0E-40F3-AC22-A726E575FF44} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3572477F-6D1E-400F-A2EB-C824260FE8DB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35FC9DF1-DE67-4B1F-BB16-6B79DC909259} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3B1AE771-BDEE-4AF1-923B-3A27EE0A75B1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B863F17-BA47-4B32-B7AE-F7F018F71ECD} - System32\Tasks\{04C4FBDC-51C2-4ACC-94FF-A7495CC5A066} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.24.0.104/es/go/help.faq.installer?LastError=1603
Task: {3F880ACA-0F6B-4BED-82E6-2BFCF82D8F50} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [916464 2019-12-09] (Glarysoft LTD -> Glarysoft Ltd)
Task: {425155A9-59EA-452A-A927-4FBF71D9D4C1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4AF7A6EF-83D5-49C4-9B09-5FDE66C1288D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-11] (Google Inc -> Google Inc.)
Task: {50D38591-0AE5-49A7-B175-543DFBB1C4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {55D09E80-B69B-4F4B-A5B2-69EFC734186C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56357FDD-1904-446B-91D6-29BFFC82F790} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {5DFA68EC-F512-43FD-AA8A-DD66B3BDFE66} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {5F5FAE71-0E72-4EFE-A9C1-4B627F8EA5D8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {612D3AA4-121C-4B74-9398-324E3100DFCA} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502704 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6E893E61-95E7-4220-BAA0-83BEA8E8C61E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7135EFD0-F0C8-44F2-8C4A-FA0457EE66D9} - System32\Tasks\HPCeeScheduleFormhern => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {80247B6C-71B5-4ACE-89B1-6E32FF95A1F7} - System32\Tasks\{CD09B649-960D-4545-9D40-26DBF7F02885} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/es/abandoninstall?source=lightinstaller&page=tsBing
Task: {8070F585-92CD-445D-9502-4D27805BD071} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1627072 2017-09-26] (Corel Corporation -> Corel Corporation)
Task: {88A24992-5E40-4FF0-8C75-2ABE1FB6928D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9273A223-413A-4B4E-A907-AE383121B188} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {958F6BEC-8437-4CC7-8FB6-06B902F2356A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98DAFD4B-9378-4669-9930-6DB481A03D82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F15B95D-2C2C-4F17-B147-24D7448FD362} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-11] (Google Inc -> Google Inc.)
Task: {A7C1C0AD-D5AD-4D56-9CF3-6F080F59F77D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1114488 2020-01-07] (HP Inc. -> HP Inc.)
Task: {AF299E14-8ACE-4575-B0AE-83CF28D3994C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)
Task: {B03EE3E5-3703-423F-8C78-D454D93B7F69} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B04D6D57-D07F-4186-8CDE-5A7783ED988F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B96B9906-BEAF-4F2C-B8C5-688D13F27370} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D54B942F-EA9A-462A-9790-59173CF16093} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D622C728-6ADD-483B-8E73-65C42C87B977} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E3D5ED8F-A225-47C6-AF34-D13D1EA1B708} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {FFAEA695-88F1-4A26-9435-E91B7F4F743E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3787823761-1503905710-587562436-1001.job => C:\Users\mhern\AppData\Local\GoToMeeting\7716\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3787823761-1503905710-587562436-1001.job => C:\Users\mhern\AppData\Local\GoToMeeting\7716\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFormhern.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DELL MARIANO

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\..\Interfaces\{37d3be72-a9f9-40fe-932b-ff53dfab7d2e}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{65b83a9c-4e86-4bae-a0e8-835d89defe42}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7ae9b255-fcaf-4e3c-9e9a-4a6eaf949d31}: [DhcpNameServer] 192.168.0.1 127.0.0.1 128.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> DefaultScope {992EA659-F24F-429A-BA5C-D59570426462} URL = 
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> {992EA659-F24F-429A-BA5C-D59570426462} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Ningún archivo

Edge: 
======
DownloadDir: C:\Users\mhern\Downloads

FireFox:
========
FF DefaultProfile: k68tiznx.default-1491218188634-1568123687415
FF ProfilePath: C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\qpn5b65l.dev-edition-default [2020-01-14]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\qpn5b65l.dev-edition-default\Extensions\[email protected] [2019-12-21]
FF Extension: (Avast Online Security) - C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\qpn5b65l.dev-edition-default\Extensions\[email protected] [2020-01-09]
FF ProfilePath: C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\k68tiznx.default-1491218188634-1568123687415 [2019-12-26]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\k68tiznx.default-1491218188634-1568123687415\Extensions\[email protected] [2019-02-08]
FF Extension: (Avast Online Security) - C:\Users\mhern\AppData\Roaming\Mozilla\Firefox\Profiles\k68tiznx.default-1491218188634-1568123687415\Extensions\[email protected] [2019-10-04] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Heredado] [no firmado]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3787823761-1503905710-587562436-1001: @citrixonline.com/appdetectorplugin -> C:\Users\mhern\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-01-12] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3787823761-1503905710-587562436-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\mhern\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3787823761-1503905710-587562436-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\mhern\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: Firefox-CA9422711AE1A81C - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.es/
CHR StartupUrls: Default -> "hxxps://www.google.es/webhp?hl=es"
CHR Notifications: Default -> hxxps://forospyware.com
CHR Profile: C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default [2020-01-14]
CHR Extension: (Traductor de Google) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Presentaciones) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (ColorZilla) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2018-10-10]
CHR Extension: (YouTube) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-11]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2016-04-04]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Fonts Ninja) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2019-12-16]
CHR Extension: (Hojas de cálculo) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (Avast Online Security) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR Extension: (Wappalyzer) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2020-01-01]
CHR Extension: (Ver Imagen) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2019-11-03]
CHR Extension: (Player para ver Movistar+) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-06]
CHR Extension: (CSS Peeper) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbnbehikldjhnfehhnaidhjhoofhpehk [2019-06-03]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2019-11-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR Profile: C:\Users\mhern\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [Archivo no firmado]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38096 2019-06-19] (Dell Inc -> )
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [308424 2019-11-25] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 DellDockUpdate; C:\Program Files (x86)\Dell Dock Update\DUWrapperService.exe [125808 2017-01-10] (Dell Inc -> )
R2 DellPremierColorService; C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe [175344 2015-11-14] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Archivo no firmado]
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-09-27] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413752 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [870760 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Archivo no firmado]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [783208 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Archivo no firmado]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [290392 2019-04-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-14] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2017-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [88112 2016-07-13] (WDKTestCert Alex,130940336584439605 -> ASIX Electronics Corp.)
R3 BCMPCIEDHD63; C:\WINDOWS\system32\DRIVERS\bcmpciedhd63.sys [1063712 2017-10-18] (Broadcom Corporation -> Broadcom Corp)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32352 2016-10-13] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32952 2016-10-13] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-19] (Intel Corporation -> Intel Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-10-20] (Glarysoft LTD -> Glarysoft Ltd)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54272 2015-09-21] (Intel(R) Software -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70664 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [218288 2020-01-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-14] (Malwarebytes Inc -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_bb68e6430e82a94c\nvlddmkm.sys [22086592 2019-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-06-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2019-03-01] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-14 22:05 - 2020-01-14 22:06 - 000048883 _____ C:\Users\mhern\Downloads\FRST.txt
2020-01-14 22:05 - 2020-01-14 22:05 - 000000000 ____D C:\FRST
2020-01-14 21:51 - 2020-01-14 21:51 - 002573312 _____ (Farbar) C:\Users\mhern\Downloads\FRST64.exe
2020-01-14 21:49 - 2020-01-14 21:49 - 000001166 _____ C:\Users\mhern\Downloads\eset.txt
2020-01-14 20:43 - 2020-01-14 20:43 - 000000771 _____ C:\Users\mhern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-01-14 20:43 - 2020-01-14 20:43 - 000000672 _____ C:\Users\mhern\Desktop\ESET Online Scanner.lnk
2020-01-14 20:42 - 2020-01-14 20:42 - 008162616 _____ (ESET spol. s r.o.) C:\Users\mhern\Downloads\esetonlinescanner_esn.exe
2020-01-14 20:40 - 2020-01-14 20:40 - 000001544 _____ C:\Users\mhern\Downloads\malwarebytes.txt
2020-01-14 20:30 - 2020-01-14 20:30 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-14 20:30 - 2020-01-14 20:30 - 000002023 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-14 20:30 - 2020-01-14 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-14 20:29 - 2020-01-14 20:29 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-14 20:29 - 2020-01-14 20:29 - 000218288 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-14 20:29 - 2020-01-14 20:29 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-14 20:29 - 2020-01-14 20:29 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-14 20:29 - 2020-01-14 20:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-14 20:29 - 2020-01-14 20:29 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-14 20:28 - 2020-01-14 20:28 - 001883976 _____ (Malwarebytes) C:\Users\mhern\Downloads\MBSetup.exe
2020-01-14 00:36 - 2020-01-14 10:04 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2020-01-13 20:16 - 2020-01-14 01:06 - 000002592 _____ C:\Users\mhern\Desktop\Rkill.txt
2020-01-13 17:58 - 2020-01-13 17:58 - 000016580 _____ C:\Users\mhern\Downloads\logo-tls.jpeg
2020-01-12 20:37 - 2020-01-12 20:37 - 000315588 _____ C:\Users\mhern\Downloads\TU40_3860.pdf
2020-01-03 19:12 - 2020-01-03 19:13 - 224408166 _____ C:\Users\mhern\Downloads\christmas-holiday-greeting-design-mockup.zip
2020-01-01 19:55 - 2019-12-16 16:36 - 000006709 _____ C:\Users\mhern\Downloads\Inline-Login-Form-Global-Header-Template.json
2019-12-30 22:21 - 2019-12-30 22:21 - 000004252 _____ C:\Users\mhern\Downloads\Inline-Login-Form-Global-Header-Template.json_.zip
2019-12-21 15:19 - 2019-12-21 15:19 - 000001445 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-21 15:19 - 2019-12-21 15:19 - 000001445 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-12-21 15:18 - 2019-12-21 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2019-12-16 23:41 - 2019-10-28 15:58 - 001081930 _____ C:\Users\mhern\Downloads\3075798.eps
2019-12-16 23:41 - 2019-10-28 15:58 - 000357132 _____ C:\Users\mhern\Downloads\3075797.ai

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-14 21:55 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-14 21:49 - 2019-10-18 18:23 - 000002794 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleFormhern
2020-01-14 21:49 - 2019-10-18 18:23 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleFormhern.job
2020-01-14 21:49 - 2019-10-03 21:38 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-14 21:49 - 2019-10-03 21:38 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-14 21:49 - 2019-10-03 21:38 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C219F5A2-D49B-4F30-B10E-D34F11BE0023}
2020-01-14 21:49 - 2019-10-03 21:38 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-14 21:49 - 2019-10-03 21:38 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-14 21:49 - 2019-10-03 21:38 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-01-14 21:49 - 2019-10-03 21:38 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2020-01-14 21:49 - 2019-10-03 21:38 - 000002224 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2020-01-14 21:49 - 2019-10-03 21:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-14 20:29 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-14 20:26 - 2017-04-18 13:55 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-14 20:25 - 2018-02-25 03:11 - 000000000 ___RD C:\Users\mhern\Creative Cloud Files
2020-01-14 20:25 - 2016-04-03 23:42 - 000000000 ____D C:\Users\mhern\AppData\Local\Adobe
2020-01-14 20:24 - 2016-03-11 13:33 - 000000000 __SHD C:\Users\mhern\IntelGraphicsProfiles
2020-01-14 14:53 - 2017-11-17 12:32 - 000000000 ____D C:\Users\mhern\AppData\Roaming\WhatsApp
2020-01-14 14:00 - 2016-04-04 00:53 - 000000000 ____D C:\Users\mhern\AppData\Roaming\PeaZip
2020-01-14 13:00 - 2016-08-10 19:36 - 000001456 _____ C:\Users\mhern\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-01-14 12:45 - 2016-11-26 20:44 - 000000000 ____D C:\Users\mhern\AppData\LocalLow\Mozilla
2020-01-14 11:21 - 2019-10-03 21:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-14 10:04 - 2017-12-25 23:57 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2020-01-14 10:04 - 2017-11-17 11:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-14 08:59 - 2019-11-15 23:55 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2020-01-14 08:59 - 2019-04-05 13:02 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2020-01-14 01:12 - 2019-10-03 21:36 - 001775182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-14 01:12 - 2019-03-19 12:59 - 000791286 _____ C:\WINDOWS\system32\perfh00A.dat
2020-01-14 01:12 - 2019-03-19 12:59 - 000156524 _____ C:\WINDOWS\system32\perfc00A.dat
2020-01-14 01:12 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-14 01:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-14 01:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-14 01:07 - 2019-10-03 21:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-14 01:07 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-14 00:34 - 2019-10-03 21:38 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-14 00:32 - 2016-03-11 14:27 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2020-01-13 22:53 - 2016-03-11 14:40 - 000000000 ____D C:\Users\mhern\AppData\Roaming\FileZilla
2020-01-13 22:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-13 22:18 - 2016-03-11 13:40 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-13 22:18 - 2016-03-11 13:40 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-13 22:18 - 2016-03-11 13:40 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-13 22:16 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-13 22:03 - 2019-05-15 18:40 - 000000000 ____D C:\Users\mhern\AppData\Local\cache
2020-01-13 19:05 - 2019-10-03 20:25 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-13 18:39 - 2018-02-25 04:28 - 000000033 _____ C:\Users\mhern\AppData\Roaming\AdobeWLCMCache.dat
2020-01-13 12:36 - 2016-03-11 14:01 - 000000000 ____D C:\Ahora
2020-01-12 20:17 - 2018-07-11 23:01 - 000000000 ____D C:\Users\mhern\AppData\Local\AVAST Software
2020-01-10 19:44 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-07 20:55 - 2019-10-03 21:31 - 000000000 ____D C:\Users\mhern
2020-01-03 19:06 - 2016-04-04 00:23 - 000000000 ____D C:\Users\mhern\AppData\Local\CrashDumps
2020-01-01 19:53 - 2016-03-11 14:40 - 000001929 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2020-01-01 19:53 - 2016-03-11 14:40 - 000001929 _____ C:\ProgramData\Desktop\FileZilla Client.lnk
2020-01-01 19:53 - 2016-03-11 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-01-01 19:53 - 2016-03-11 14:40 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2020-01-01 19:47 - 2016-06-08 16:54 - 000000000 ____D C:\Users\mhern\OneDrive\Documents\Biblioteca de calibre
2020-01-01 19:46 - 2016-05-13 19:43 - 000000000 ____D C:\Users\mhern\OneDrive\Documents\My Digital Editions
2019-12-23 18:24 - 2016-02-24 17:20 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-21 15:19 - 2017-04-18 13:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-21 15:19 - 2017-04-18 13:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-21 15:19 - 2016-03-11 13:33 - 000000000 ____D C:\Users\mhern\AppData\Local\NVIDIA Corporation
2019-12-21 15:19 - 2016-02-24 17:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-21 15:18 - 2016-11-04 11:29 - 000000855 _____ C:\Users\Public\Desktop\SMPlayer.lnk
2019-12-21 15:18 - 2016-11-04 11:29 - 000000855 _____ C:\ProgramData\Desktop\SMPlayer.lnk
2019-12-21 15:18 - 2016-11-04 11:29 - 000000000 ____D C:\Program Files\SMPlayer
2019-12-21 15:17 - 2018-11-01 20:56 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-12-21 15:17 - 2017-09-19 16:48 - 000000827 _____ C:\Users\mhern\Desktop\PeaZip.lnk
2019-12-21 15:17 - 2017-09-19 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2019-12-21 15:17 - 2017-09-19 16:48 - 000000000 ____D C:\Program Files\PeaZip
2019-12-21 15:17 - 2016-03-11 14:28 - 000000000 ____D C:\Users\mhern\AppData\Roaming\Notepad++
2019-12-21 15:16 - 2016-03-11 14:27 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-12-21 15:16 - 2016-03-11 14:27 - 000001151 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-12-21 15:16 - 2016-03-11 14:27 - 000001151 _____ C:\ProgramData\Desktop\Glary Utilities 5.lnk
2019-12-21 15:15 - 2018-06-21 18:52 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2019-12-21 15:15 - 2018-06-21 18:52 - 000001078 _____ C:\Users\Public\Desktop\Audacity.lnk
2019-12-21 15:15 - 2018-06-21 18:52 - 000001078 _____ C:\ProgramData\Desktop\Audacity.lnk
2019-12-21 15:15 - 2016-05-13 19:44 - 000000000 ____D C:\Program Files (x86)\Audacity
2019-12-21 15:12 - 2019-11-25 09:40 - 000000000 ____D C:\Users\mhern\OneDrive\Documents\Wondershare Filmora 9
2019-12-21 15:12 - 2019-09-22 21:04 - 000000000 ____D C:\xampp
2019-12-20 20:45 - 2016-08-11 12:21 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-18 16:14 - 2019-12-11 16:50 - 000000000 ___HD C:\adobeTemp
2019-12-18 13:53 - 2017-12-23 22:34 - 000000600 _____ C:\Users\mhern\AppData\Local\PUTTY.RND
2019-12-17 18:39 - 2017-10-18 18:55 - 000000000 ____D C:\Users\mhern\AppData\Local\Packages

==================== Archivos en la raíz de algunos directorios ========

2018-02-25 04:28 - 2020-01-13 18:39 - 000000033 _____ () C:\Users\mhern\AppData\Roaming\AdobeWLCMCache.dat
2019-10-29 19:31 - 2019-10-29 19:31 - 000000028 _____ () C:\Users\mhern\AppData\Roaming\kulerdata.json
2016-04-04 00:30 - 2016-04-04 00:31 - 238722213 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-04-04 00:30 - 2016-04-04 00:31 - 000002741 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2016-08-10 19:36 - 2020-01-14 13:00 - 000001456 _____ () C:\Users\mhern\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2018-10-10 12:13 - 2018-10-10 12:13 - 000000000 _____ () C:\Users\mhern\AppData\Local\oobelibMkey.log
2017-12-23 22:34 - 2019-12-18 13:53 - 000000600 _____ () C:\Users\mhern\AppData\Local\PUTTY.RND
2017-11-23 14:34 - 2017-11-23 14:34 - 000000218 _____ () C:\Users\mhern\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Hello @mherna4

You ran FRST from the wrong location:

  • Ejecutado desde C:\Users\mhern\Downloads

Cut the executable and paste it on your desktop <<< This is Very Important.


Then follow these steps:

1.- Very Important >>> Make a backup of your Registry.

  • Download DelFix to the Windows desktop.
  • Right-click, “Run as Administrator”.
  • In the main window, check only the “Create Registry Backup” box.
  • Click Run.

When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…

2.- Temporarily disable your antivirus.

3.- Open a new Notepad file and copy and paste this content:

Start
CloseProcesses:
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [50a3a293] => C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe C:\ProgramData\Intel\Wireless\622b466\3874450.au3
Folder: C:\ProgramData\Intel
VirusTotal: C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe
VirusTotal: C:\ProgramData\Intel\Wireless\622b466\3874450.au3
C:\ProgramData\Intel
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {03FEDB07-E342-468F-8226-9085C5EC21E5} - System32\Tasks\{8F39D06C-F036-432C-B4B9-2D8630855E3C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.103/es/go/help.faq.installer?LastError=1603
Task: {0968913E-B2EF-428E-8325-91009B3D0FBA} - System32\Tasks\{D3B746EB-33DF-4990-B6C4-DF13A55559A8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.64.101/es/go/help.faq.installer?LastError=1603
Task: {12966A28-4774-440C-86A0-98CE2ED6E5EC} - System32\Tasks\{18601FAE-CA7B-4B88-ABB1-40DE49345852} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.0.101/es/go/help.faq.installer?LastError=1603
Task: {3B863F17-BA47-4B32-B7AE-F7F018F71ECD} - System32\Tasks\{04C4FBDC-51C2-4ACC-94FF-A7495CC5A066} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.24.0.104/es/go/help.faq.installer?LastError=1603
Task: {80247B6C-71B5-4ACE-89B1-6E32FF95A1F7} - System32\Tasks\{CD09B649-960D-4545-9D40-26DBF7F02885} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/es/abandoninstall?source=lightinstaller&page=tsBing
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> DefaultScope {992EA659-F24F-429A-BA5C-D59570426462} URL = 
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> {992EA659-F24F-429A-BA5C-D59570426462} URL = 
BHO: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
BHO-x32: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Ningún archivo
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
CHR Extension: (Avast Online Security) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2020-01-14 21:49 - 2020-01-14 21:49 - 000001166 _____ C:\Users\mhern\Downloads\eset.txt
2020-01-14 20:43 - 2020-01-14 20:43 - 000000771 _____ C:\Users\mhern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-01-14 20:43 - 2020-01-14 20:43 - 000000672 _____ C:\Users\mhern\Desktop\ESET Online Scanner.lnk
2020-01-14 20:42 - 2020-01-14 20:42 - 008162616 _____ (ESET spol. s r.o.) C:\Users\mhern\Downloads\esetonlinescanner_esn.exe
2019-10-29 19:31 - 2019-10-29 19:31 - 000000028 _____ () C:\Users\mhern\AppData\Roaming\kulerdata.json
2016-04-04 00:30 - 2016-04-04 00:31 - 238722213 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-04-04 00:30 - 2016-04-04 00:31 - 000002741 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2018-10-10 12:13 - 2018-10-10 12:13 - 000000000 _____ () C:\Users\mhern\AppData\Local\oobelibMkey.log
2017-12-23 22:34 - 2019-12-18 13:53 - 000000600 _____ () C:\Users\mhern\AppData\Local\PUTTY.RND
ShellIconOverlayIdentifiers: [OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
FirewallRules: [UDP Query User{DF490283-E9D8-4BC6-B84F-436634A3CA23}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [TCP Query User{4A2E31CE-9B76-41ED-AE48-85AA09FDD2F2}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [UDP Query User{BC2022FD-67AD-4638-85D7-7ED426B71426}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [TCP Query User{2EAC722A-5F11-4FE9-9CCE-5462A700BB61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [{A4C7C5DF-004F-4A7D-A349-99EDA4E37DE7}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo
FirewallRules: [{1D7945E5-58FE-46FF-B2F7-0729887139EA}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

  • Save it under the name fixlist.txt on the desktop <<< This is very important.

Note: The Frst.exe executable and fixlist.txt must be in the same location (desktop), otherwise the tool will not work.

  • Run Frst.exe.
  • Press the Fix button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Paste it in your next reply.

Let us know how it goes.

Regards.
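
The autorun entry that the fixlist above removes (an executable under `C:\ProgramData\Intel\Wireless\...` that is handed an `.au3` script) can be picked out of a FRST log mechanically. The following is an added example, not part of the original thread and not FRST's own logic: a Python triage of FRST `Run` lines. The three heuristics, the function and class names, and the two `Example*` log lines are assumptions constructed for illustration; only the `50a3a293` line comes from the page.

```python
import ntpath
import re
from typing import List, NamedTuple

# FRST prints autoruns as: <hive>\...\Run: [<value name>] => <command line>
RUN_LINE = re.compile(
    r'^(?P<hive>HK[^:]*?)\\\.\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]*)\] => (?P<cmd>.+)$')
# Trailing FRST metadata: " [size date] (signer -> company)"
FRST_META = re.compile(r'\s+\[\d+ \d{4}-\d{2}-\d{2}\].*$')
# Executable (quoted or not, spaces allowed) followed by optional arguments
COMMAND = re.compile(r'^"?(?P<exe>.+?\.exe)"?(?:\s+(?P<args>.*))?$', re.I)
# AutoIt source (.au3) or compiled (.a3x) script passed as an argument
AUTOIT_SCRIPT = re.compile(r'([A-Za-z]:\\[^"]*?\.(?:au3|a3x))(?=["\s]|$)', re.I)
# Heuristic (assumption): directories a standard user or installer can write to
USER_WRITABLE = ('\\programdata\\', '\\appdata\\', '\\users\\public\\', '\\temp\\')
# Heuristic (assumption): value names made only of hex digits, at least one numeric
HEX_NAME = re.compile(r'^(?=.*\d)[0-9a-f]{6,16}$', re.I)


class Finding(NamedTuple):
    hive: str
    name: str
    exe: str
    reasons: List[str]

    @property
    def suspicious(self) -> bool:
        # One indicator alone is common for legitimate software; two or more is not.
        return len(self.reasons) >= 2


def triage(log_text: str) -> List[Finding]:
    """Return Run/RunOnce entries with at least one indicator, strongest first."""
    findings = []
    for raw in log_text.splitlines():
        m = RUN_LINE.match(raw.strip())
        if not m:
            continue
        cmd = COMMAND.match(FRST_META.sub('', m['cmd']).strip())
        if not cmd:
            continue
        exe, args = cmd['exe'], cmd['args'] or ''
        reasons = []
        script = AUTOIT_SCRIPT.search(args)
        if script:
            same_dir = (ntpath.dirname(script[1]).lower()
                        == ntpath.dirname(exe).lower())
            reasons.append('executable is handed an AutoIt script'
                           + (' stored beside it' if same_dir else ''))
        if any(part in exe.lower() for part in USER_WRITABLE):
            reasons.append('executable lives in a user-writable data directory')
        if HEX_NAME.match(m['name']):
            reasons.append('value name looks machine-generated')
        if reasons:
            findings.append(Finding(m['hive'], m['name'], exe, reasons))
    return sorted(findings, key=lambda f: len(f.reasons), reverse=True)


# Sample input: the second line is the entry from the fixlist on this page;
# the two "Example" lines are constructed to show benign entries.
SAMPLE_LOG = r"""
HKLM\...\Run: [ExampleAudio] => C:\Program Files\ExampleVendor\Audio\tray.exe [9217792 2016-01-01] (ExampleVendor Inc -> ExampleVendor Inc)
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [50a3a293] => C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe C:\ProgramData\Intel\Wireless\622b466\3874450.au3
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [ExampleUpdater] => "C:\Users\mhern\AppData\Local\ExampleApp\updater.exe" --background [120000 2019-11-01] (Example Corp -> Example Corp)
"""

if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        flag = 'SUSPICIOUS' if f.suspicious else 'review'
        print(f'[{flag}] {f.name}: {f.exe}')
        for reason in f.reasons:
            print(f'    - {reason}')
```
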

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 12-01-2020
Ejecutado por mhern (15-01-2020 14:50:11) Run:1
Ejecutado desde C:\Users\mhern\Desktop
Perfiles cargados: mhern (Perfiles disponibles: mhern)
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\...\Run: [50a3a293] => C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe C:\ProgramData\Intel\Wireless\622b466\3874450.au3
Folder: C:\ProgramData\Intel
VirusTotal: C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe
VirusTotal: C:\ProgramData\Intel\Wireless\622b466\3874450.au3
C:\ProgramData\Intel
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {03FEDB07-E342-468F-8226-9085C5EC21E5} - System32\Tasks\{8F39D06C-F036-432C-B4B9-2D8630855E3C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.103/es/go/help.faq.installer?LastError=1603
Task: {0968913E-B2EF-428E-8325-91009B3D0FBA} - System32\Tasks\{D3B746EB-33DF-4990-B6C4-DF13A55559A8} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.64.101/es/go/help.faq.installer?LastError=1603
Task: {12966A28-4774-440C-86A0-98CE2ED6E5EC} - System32\Tasks\{18601FAE-CA7B-4B88-ABB1-40DE49345852} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.28.0.101/es/go/help.faq.installer?LastError=1603
Task: {3B863F17-BA47-4B32-B7AE-F7F018F71ECD} - System32\Tasks\{04C4FBDC-51C2-4ACC-94FF-A7495CC5A066} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.24.0.104/es/go/help.faq.installer?LastError=1603
Task: {80247B6C-71B5-4ACE-89B1-6E32FF95A1F7} - System32\Tasks\{CD09B649-960D-4545-9D40-26DBF7F02885} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/es/abandoninstall?source=lightinstaller&page=tsBing
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> DefaultScope {992EA659-F24F-429A-BA5C-D59570426462} URL = 
SearchScopes: HKU\S-1-5-21-3787823761-1503905710-587562436-1001 -> {992EA659-F24F-429A-BA5C-D59570426462} URL = 
BHO: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
BHO-x32: Sin Nombre -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> Ningún archivo
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Ningún archivo
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
CHR Extension: (Avast Online Security) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2020-01-14 21:49 - 2020-01-14 21:49 - 000001166 _____ C:\Users\mhern\Downloads\eset.txt
2020-01-14 20:43 - 2020-01-14 20:43 - 000000771 _____ C:\Users\mhern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-01-14 20:43 - 2020-01-14 20:43 - 000000672 _____ C:\Users\mhern\Desktop\ESET Online Scanner.lnk
2020-01-14 20:42 - 2020-01-14 20:42 - 008162616 _____ (ESET spol. s r.o.) C:\Users\mhern\Downloads\esetonlinescanner_esn.exe
2019-10-29 19:31 - 2019-10-29 19:31 - 000000028 _____ () C:\Users\mhern\AppData\Roaming\kulerdata.json
2016-04-04 00:30 - 2016-04-04 00:31 - 238722213 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-04-04 00:30 - 2016-04-04 00:31 - 000002741 _____ () C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2018-10-10 12:13 - 2018-10-10 12:13 - 000000000 _____ () C:\Users\mhern\AppData\Local\oobelibMkey.log
2017-12-23 22:34 - 2019-12-18 13:53 - 000000600 _____ () C:\Users\mhern\AppData\Local\PUTTY.RND
ShellIconOverlayIdentifiers: [OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
FirewallRules: [UDP Query User{DF490283-E9D8-4BC6-B84F-436634A3CA23}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [TCP Query User{4A2E31CE-9B76-41ED-AE48-85AA09FDD2F2}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe Ningún archivo
FirewallRules: [UDP Query User{BC2022FD-67AD-4638-85D7-7ED426B71426}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [TCP Query User{2EAC722A-5F11-4FE9-9CCE-5462A700BB61}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe Ningún archivo
FirewallRules: [{A4C7C5DF-004F-4A7D-A349-99EDA4E37DE7}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo
FirewallRules: [{1D7945E5-58FE-46FF-B2F7-0729887139EA}] => (Allow) C:\Ahora\_recursos\office2\Activadores\Microsoft.Toolkit.v2.6.BETA.1-CODYQX4\Microsoft Toolkit.exe Ningún archivo

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Procesos cerrados correctamente.
El punto de restauración fue creado correctamente.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN => restaurado correctamente
"HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Windows\CurrentVersion\Run\\50a3a293" => eliminado correctamente

========================= Folder: C:\ProgramData\Intel ========================

2019-09-20 21:44 - 2019-11-22 10:19 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\Intel\Wireless
2019-09-20 21:44 - 2019-11-22 10:19 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\Intel\Wireless\622b466
2019-09-20 21:44 - 2019-11-22 10:19 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\Intel\Wireless\622b466\74722d4
2019-11-22 10:19 - 2020-01-15 13:53 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\Intel\Wireless\a6f0401
2019-11-22 10:19 - 2020-01-15 13:53 - 001172501 ____A [F473AC702E6ED484B5B860A031D7736F] () C:\ProgramData\Intel\Wireless\a6f0401\ca574e3.au3
2019-11-22 10:19 - 2020-01-15 13:53 - 000943784 ____A [3F58A517F1F4796225137E7659AD2ADB] (AutoIt Team) C:\ProgramData\Intel\Wireless\a6f0401\cdbcbbc.exe
2019-11-22 10:19 - 2020-01-15 13:53 - 001438829 ____A [B1E9361C73BEAF8CCB418ACD3D282059] () C:\ProgramData\Intel\Wireless\a6f0401\pe.bin
2019-11-22 10:19 - 2020-01-15 13:58 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\Intel\Wireless\a6f0401\e9fb98f
2019-11-22 10:19 - 2019-12-01 00:38 - 004861968 ____A [0B64FA098DD849AE72FA23BFEEEE4DF4] () C:\ProgramData\Intel\Wireless\a6f0401\e9fb98f\b3cbc6f
2019-11-22 10:19 - 2020-01-07 00:36 - 000001136 ____A [4541B0EAF21EE842B7F6F963DCEE47F4] () C:\ProgramData\Intel\Wireless\a6f0401\e9fb98f\f7f0c3b

====== Final de Folder: ======

"VirusTotal: C:\ProgramData\Intel\Wireless\622b466\fdckaif.exe" => no encontrado
"VirusTotal: C:\ProgramData\Intel\Wireless\622b466\3874450.au3" => no encontrado

"C:\ProgramData\Intel" carpeta mover:

No pudo ser movido "C:\ProgramData\Intel" => Programado para moverse al reiniciar.

HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03FEDB07-E342-468F-8226-9085C5EC21E5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03FEDB07-E342-468F-8226-9085C5EC21E5}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{8F39D06C-F036-432C-B4B9-2D8630855E3C} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F39D06C-F036-432C-B4B9-2D8630855E3C}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0968913E-B2EF-428E-8325-91009B3D0FBA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0968913E-B2EF-428E-8325-91009B3D0FBA}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{D3B746EB-33DF-4990-B6C4-DF13A55559A8} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3B746EB-33DF-4990-B6C4-DF13A55559A8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12966A28-4774-440C-86A0-98CE2ED6E5EC}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12966A28-4774-440C-86A0-98CE2ED6E5EC}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{18601FAE-CA7B-4B88-ABB1-40DE49345852} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{18601FAE-CA7B-4B88-ABB1-40DE49345852}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B863F17-BA47-4B32-B7AE-F7F018F71ECD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B863F17-BA47-4B32-B7AE-F7F018F71ECD}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{04C4FBDC-51C2-4ACC-94FF-A7495CC5A066} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{04C4FBDC-51C2-4ACC-94FF-A7495CC5A066}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80247B6C-71B5-4ACE-89B1-6E32FF95A1F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80247B6C-71B5-4ACE-89B1-6E32FF95A1F7}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{CD09B649-960D-4545-9D40-26DBF7F02885} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CD09B649-960D-4545-9D40-26DBF7F02885}" => eliminado correctamente
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-3787823761-1503905710-587562436-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-3787823761-1503905710-587562436-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{992EA659-F24F-429A-BA5C-D59570426462} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => eliminado correctamente
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => eliminado correctamente
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3 => eliminado correctamente
CHR Extension: (Avast Online Security) - C:\Users\mhern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-20] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
C:\Users\mhern\Downloads\eset.txt => movido correctamente
C:\Users\mhern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => movido correctamente
C:\Users\mhern\Desktop\ESET Online Scanner.lnk => movido correctamente
C:\Users\mhern\Downloads\esetonlinescanner_esn.exe => movido correctamente
C:\Users\mhern\AppData\Roaming\kulerdata.json => movido correctamente
C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload => movido correctamente
C:\Users\mhern\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd => movido correctamente
C:\Users\mhern\AppData\Local\oobelibMkey.log => movido correctamente
C:\Users\mhern\AppData\Local\PUTTY.RND => movido correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive1 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive2 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive3 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive4 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive5 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive6 => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive7 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive1 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive2 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive3 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive4 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive5 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive6 => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\OneDrive7 => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FileSyncEx => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FileSyncEx => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF490283-E9D8-4BC6-B84F-436634A3CA23}C:\xampp\mysql\bin\mysqld.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4A2E31CE-9B76-41ED-AE48-85AA09FDD2F2}C:\xampp\mysql\bin\mysqld.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC2022FD-67AD-4638-85D7-7ED426B71426}C:\xampp\apache\bin\httpd.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2EAC722A-5F11-4FE9-9CCE-5462A700BB61}C:\xampp\apache\bin\httpd.exe" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4C7C5DF-004F-4A7D-A349-99EDA4E37DE7}" => eliminado correctamente
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D7945E5-58FE-46FF-B2F7-0729887139EA}" => eliminado correctamente

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de área local* 3 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local* 4 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de red Bluetooth mientras los medios
están desconectados.

Adaptador de Ethernet Ethernet 2:

   Sufijo DNS específico para la conexión. . : 
   Vínculo: dirección IPv6 local. . . : fe80::e8d6:e4bd:b269:1e7d%13
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.41
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de LAN inalámbrica Conexión de área local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de área local* 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Wi-Fi:

   Sufijo DNS específico para la conexión. . : 
   Vínculo: dirección IPv6 local. . . : fe80::1597:4113:5ecd:af41%8
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.36
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexión de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {45A05D65-FE40-4119-BEC3-61473F0E9077}.
Unable to cancel {7E604A37-8031-4D99-89F5-9636DD12CA95}.
0 out of 2 jobs canceled.

========= Final de CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenvío de compartimiento se restableció correctamente.
Compartimiento se restableció correctamente.
Protocolo de control se restableció correctamente.
Solicitud de secuencia eco se restableció correctamente.
Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de difusión por proximidad (a se restableció correctamente.
Direcciones de multidifusión se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Posible se restableció correctamente.
Directiva de prefijo se restableció correctamente.
Vecino de proxy se restableció correctamente.
Ruta se restableció correctamente.
Prefijo de sitio se restableció correctamente.
Subinterfaz se restableció correctamente.
Patrón de reactivación se restableció correctamente.
Resolver vecino se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3787823761-1503905710-587562436-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3787823761-1503905710-587562436-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 47478487 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 7759960 B
Edge => 6528597 B
Chrome => 458295089 B
Firefox => 130280891 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3794 B
NetworkService => 3794 B
mhern => 172674353 B

RecycleBin => 8176 B
EmptyTemp: => 795.4 MB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 15-01-2020 14:55:38)

C:\ProgramData\Intel => No pudo ser movido

==== Final  Fixlog 14:55:40 ====

After restarting, it keeps multiplying tasks.

Hi @mherna4

The malware has not been removed.

Try the following again:

1.- Very important >>> Make a backup of your Registry again.

  • Download DelFix and run it from the Windows desktop.
  • Right-click, “Run as Administrator”.
  • In the main window, tick only the “Create Registry Backup” box.
  • Click Run.

When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…

Then go to:

2.- Start >>> Run >>> Type notepad.exe, or open a new Notepad file, and copy and paste the following:

Start
CloseProcesses:
C:\ProgramData\Intel

EmptyTemp:
END
  • Save it as fixlist.txt on the desktop <<< This is very important.

Note: The executable Frst.exe/Frst64.exe and fixlist.txt must be in the same location (desktop), otherwise the tool will not work.

2.- Start your computer in >>> Safe Mode >>> Applicable to Windows 10.

  • Run Frst.exe or Frst64.exe, as appropriate.
  • Press the Fix button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Restart and paste it in your next reply.

Let us know.

We await the report.

Regards

Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
C:\ProgramData\Intel

EmptyTemp:
END
*****************

Procesos cerrados correctamente.

"C:\ProgramData\Intel" carpeta mover:

No pudo ser movido "C:\ProgramData\Intel" => Programado para moverse al reiniciar.


=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8457286 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 561368 B
Edge => 0 B
Chrome => 13010336 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3794 B
NetworkService => 3794 B
mhern => 11749172 B

RecycleBin => 0 B
EmptyTemp: => 42.7 MB datos temporales eliminados.

================================

Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 15-01-2020 21:10:47)

C:\ProgramData\Intel => No pudo ser movido

==== Final  Fixlog 21:10:49 ====

Hi @mherna4

You did not follow the steps correctly.

Did you move the executable to the desktop as I told you?

I told you clearly in point 2:

And you ran them in Normal Mode:

Try the steps exactly as I gave them to you, since that is the folder that contains all the malware, and it cannot be removed in Windows Normal Mode.

Let us know.

Regards

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 15-01-2020
Ejecutado por mhern (16-01-2020 01:52:44) Run:4
Ejecutado desde C:\Users\mhern\Desktop
Perfiles cargados: mhern (Perfiles disponibles: mhern)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
C:\ProgramData\Intel

EmptyTemp:
END
*****************

Procesos cerrados correctamente.
C:\ProgramData\Intel => movido correctamente

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9459792 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 553264 B
Edge => 4096 B
Chrome => 27062777 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3794 B
NetworkService => 3794 B
mhern => 18781424 B

RecycleBin => 1349 B
EmptyTemp: => 63.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 01:52:46 ====
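
The Fixlog outputs in this thread differ in two places: the "Modo de Inicio" line and the result for C:\ProgramData\Intel. The following Python script is an added example, not part of the thread or of FRST; it classifies the "target => status" lines of a Spanish-locale Fixlog and flags a fix that failed outside Safe Mode. The function name, the field names and the condensed sample logs are assumptions made for illustration.

```python
import re

# Constructed samples: lines condensed from the Fixlog outputs quoted in this thread.
SAMPLE_NORMAL = r'''Modo de Inicio: Normal
Procesos cerrados correctamente.
No pudo ser movido "C:\ProgramData\Intel" => Programado para moverse al reiniciar.
Chrome => 13010336 B
EmptyTemp: => 42.7 MB datos temporales eliminados.
Resultado de los archivos programados para mover (Modo de Inicio: Normal) (Fecha y Hora: 15-01-2020 21:10:47)
C:\ProgramData\Intel => No pudo ser movido
'''
SAMPLE_SAFE = r'''Modo de Inicio: Safe Mode (minimal)
Procesos cerrados correctamente.
C:\ProgramData\Intel => movido correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FileSyncEx => no encontrado
Chrome => 27062777 B
'''

BOOT_RE = re.compile(r"^Modo de Inicio:\s*(.+)$", re.MULTILINE)
PENDING_RE = re.compile(r'^No pudo ser movido "([^"]+)" =>')
RESULT_RE = re.compile(r'^"?(.+?)"?\s+=>\s+(.+)$')
SIZE_RE = re.compile(r"^\d+ B$|datos temporales")  # EmptyTemp byte counts


def summarize_fixlog(text):
    """Classify each 'target => status' line (hypothetical helper, Spanish status strings)."""
    boot = BOOT_RE.search(text)
    summary = {"boot_mode": boot.group(1).strip() if boot else None,
               "ok": [], "not_found": [], "failed": [], "pending_reboot": []}
    for line in text.splitlines():
        line = line.strip()
        pending = PENDING_RE.match(line)
        if pending:  # move deferred to the next reboot
            summary["pending_reboot"].append(pending.group(1))
            continue
        m = RESULT_RE.match(line)
        if not m or SIZE_RE.search(m.group(2)):
            continue  # not a result line, or an EmptyTemp size line
        target, status = m.group(1), m.group(2)
        if status.endswith("correctamente"):
            summary["ok"].append(target)
        elif status == "no encontrado":
            summary["not_found"].append(target)
        elif target not in summary["failed"]:
            # "No pudo ser movido", "Error: ..." and any unrecognised status
            summary["failed"].append(target)
    safe = (summary["boot_mode"] or "").lower().startswith("safe mode")
    # A failed entry in a non-Safe-Mode run is the case this thread hit.
    summary["rerun_in_safe_mode"] = bool(summary["failed"]) and not safe
    return summary
```
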

Hi @mherna4

Did you restart the computer after the Fix?

What do you see in the image? The processes you show are consistent with the usage I see.

Apart from the Task Manager, tell us how the computer feels to you.

Regards

Yes, I restarted. I am going to watch how it runs for a few days and will let you know. Many, many thanks for your patience and your help.

Hi @mherna4

Test the computer for 24 hours, restart at least two or three times, and report back on how everything seems.

Regards
