Malware y perdida de espacio? Y necesito actualizar a windows 10

Hola. No consigo solucionar un problema de pérdida de espacio que al parecer se debe a malware en mi PC que tiene sistema operativo windows 7, procesador i7 de 4° generación, ram de 4 Gb y tarjeta de video de 2 Gb. También ha dejado de funcionar la opción de restaurar sistema, daba error cada vez que lo intentaba. Una gran duda que tengo es si antes de instalar windows 10 (se supone para esto debo formatear el pc no?) Debo solucionar esos errores y eliminar los malware antes de formatear? O tras el formateo no estarían presentes esos problemas?

Saludos!!

Hola @Ulam

Si vas a hacer una instalación limpia de Windows 10 no necesitas limpiar primero el equipo, ya que con el formateo se eliminan los malwares, al menos de la partición de donde instales Windows. Pero no desaparecerán si tienes una partición aparte para tus archivos y estos estuvieran infectados.

Nos comentas.

Salu2

1 me gusta

Tengo dos particiones en el único disco duro interno supongo que si será una instalación limpia como dices. En este momento estoy pasando mis archivos a un disco duro externo. O debo solucionar dichos problemas antes de guardar los archivos en el disco extraible? El formateo y la instalación la haré yo mismo buscando en internet cómo se hace. Supongo debo crear un disco o usb de instalación de windows 10, entonces en caso de que dicho disco de instalación quedara infectado al haber sido creado en mi pc (que supongo puede estar infectado) puede infectar al pc en el proceso de instalación de windows 10?

Muchas gracias por tu ayuda. Saludos.

Hola @Ulam

Mira si vas a pasar archivos a un Usb, y ademas preparar los medios de instalación de Windows 10 desde ese mismo equipo, mejor lo limpiamos primero… :upside_down_face:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

  • Lo ejecutas siguiendo los pasos de su Manual.
  • Realizas un Análisis Personalizado
  • Revisa especialmente como salvar el reporte.

4.- Luego de finalizar todo lo anterior y reiniciar vuelve a desactiva temporalmente tu antivirus y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan/Analizar y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio, debes adjuntar ambos

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pegas todos los reportes generados, si no entran en un Post, revisa el Método 4 de la Guía o utilizas mas mensajes.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Vale gracias. Mira que ya había pasado algunas carpetas al disco externo. Entonces debo conectar ese disco externo para incluirlo en los escaneos? O puedo dejarlo para escanearlo después de que haya instalado windows 10? Puesto que tengo otro disco extraíble que igualmente he usado en este pc y está lleno de archivos y dichos escaneos tomarían bastante tiempo ya que solo tengo un puerto usb 3.0 funcionando bien y los otros son 2.0 También me doy cuenta de que ya se me pasó el período de prueba de Malwarebytes :c

Hola @Ulam

Puedes usar Malwarebytes Free para analizar, solo lo debes actualizar manualmente.

Los externos podemos analizarlos luego.

Salu2

Ok te agradezco. En este momento es pasada media noche acá. En cuanto amanezca me pongo manos a la obra. Saludos.

Hola @Ulam

Por aca esperamos esos reportes…:coffee:

Salu2

Lo siento por haberme tardado, tuve q ausentarme por motivos de fuerza mayor. aquí van los reportes, en algunos casos las aplicaciones generaron dos reportes entonces incluiré todos.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build:    05-25-2020
# Database: 2020-05-19.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-09-2020
# Duration: 00:00:38
# OS:       Windows 7 Ultimate
# Scanned:  31863
# Detected: 17


***** [ Services ] *****

PUP.Optional.Legacy             WCAssistantService

***** [ Folders ] *****

PUP.Optional.WebCompanion       C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion       C:\Users\0\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion       C:\Users\0\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|DisplayIcon
PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|DisplayName
PUP.Adware.Heuristic            HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|UninstallString
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1310 octets] - [17/07/2019 00:30:31]
AdwCleaner[C00].txt - [1476 octets] - [17/07/2019 00:34:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build:    05-25-2020
# Database: 2020-05-19.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-09-2020
# Duration: 00:00:23
# OS:       Windows 7 Ultimate
# Cleaned:  14
# Failed:   3


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Users\0\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted       C:\Users\0\AppData\Roaming\Lavasoft\Web Companion
Not Deleted   C:\Program Files (x86)\Lavasoft\Web Companion
Not Deleted   C:\ProgramData\Application Data\Lavasoft\Web Companion
Not Deleted   C:\ProgramData\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|DisplayIcon
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|DisplayName
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9c0a4516-0a6f-447b-8b75-9eb7de796ece}|UninstallString
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1310 octets] - [17/07/2019 00:30:31]
AdwCleaner[C00].txt - [1476 octets] - [17/07/2019 00:34:07]
AdwCleaner[S01].txt - [3260 octets] - [09/06/2020 22:40:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

ZHP cleaner

~ ZHPCleaner v2020.6.7.203 by Nicolas Coolman (2020/06/07)
~ Run by 0 (Administrator)  (09/06/2020 23:22:59)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\0\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\0\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (9)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (60)
MOVIDO carpeta: C:\Users\0\Desktop\uTorrent Web.lnk  [Bad : C:\Users\0\AppData\Roaming\uTorrent Web\utweb.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO carpeta: C:\Users\0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk  [Bad : C:\Users\0\AppData\Roaming\uTorrent Web\utweb.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO carpeta: C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\searchplugins\yahoo.xml    =>PUP.Optional.BDYahoo
MOVIDO carpeta*: C:\Program Files (x86)\Lavasoft\web companion    =>PUP.Optional.LavasoftWebCompanion
MOVIDO carpeta*: C:\ProgramData\Lavasoft\web companion    =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo^: C:\ProgramData\Mobile Partner  =>Toolbar.YahooPartner
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign011e8685ce525779  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign0b805ac7b6c3df92  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign14f2010f20833317  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign15a3ca66fe81456b  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign1a368a78ca93d980  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign1ff0b33b0f4676e4  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign215131e65bd59179  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign21d43ea3346b0187  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign371c71abfa9b7224  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign3810e79f4d74d46b  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign4458ef0dcaabc55d  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign4620ad25eecf85ac  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign4d91ef50bca12951  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign4d9ac9ba9a4c2ee4  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign4eb4aba6cd10f9f5  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign5061abb4fe1bb075  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign64c094699f931e79  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign6d1a68ba815cb205  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign721c3985adfd24c4  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign7246d1f450bb4dd0  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign7e253a54504b50cf  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign8529f65ecabdea72  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign88f911663ca15bdc  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign8bf4cd5e45a842a4  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign913cd637f4104e87  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign960332883dba0936  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign9ac8e3b8bdfdccd2  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign9b74c463b4fd01b0  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsign9be61df612070dc5  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigna2c329301cffe74a  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigna8d10916653d5096  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignaee08d7dd46687f1  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignb2dc794da9928b76  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignb3e3a495578c7d4c  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignbc75d36eed66954b  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignbe1f227d80a822bd  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignc1ba892ebf3374de  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigncf2d6456c74cadcb  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignd1c4daf66aaa7419  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignd230979c14831a4c  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignd2a29e1e745e347f  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignd68061c3147bf150  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignd85f31732cf5788e  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigndbbd7ba74c6555e8  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigndc2b25759ecdaab1  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignde19f32459918868  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsigne299f32f13e6a6fb  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignec3f17713975ee20  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignfbe7b647f25cf4e3  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignfd1bb048e1a4995e  =>.SUP.Temporary
MOVIDO archivo: C:\Users\0\AppData\Local\Tempzxpsignff8c769c699b5325  =>.SUP.Temporary
MOVIDO archivo: C:\Program Files (x86)\lavasoft\web companion  =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo: C:\ProgramData\lavasoft\web companion  =>PUP.Optional.LavasoftWebCompanion
MOVIDO archivo: C:\ProgramData\Application Data\lavasoft\web companion  =>PUP.Optional.LavasoftWebCompanion


---\\  Registro ( Claves, Valores, Datos) (4)
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}\\DhcpNameServer [Bad : 200.21.200.80 200.21.200.10]  =>Hijacker.Browser
BORRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 200.21.200.80 200.21.200.10]  =>Hijacker.Browser
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)


---\\  Resumen de elementos en su estación de trabajo (6)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>PUP.Optional.BDYahoo
https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/  =>PUP.Optional.LavasoftWebCompanion
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>Toolbar.YahooPartner
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser


---\\ Limpieza adicional. (14)
~ Clave de registro Tracing borrados (12)
~ Quitar los antiguos informes de ZHPCleaner. (2)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 1784
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 8/15


---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 9/6/20
Hora del análisis: 23:44
Archivo de registro: 13b2c5b2-aad5-11ea-8466-000000000000.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.920
Versión del paquete de actualización: 1.0.23550
Licencia: Caducado

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: 0-PC\0

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 336407
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 34 min, 52 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 06-06-2020
Ejecutado por 0 (administrador) sobre 0-PC (Gigabyte Technology Co., Ltd. H81M-H) (10-06-2020 01:24:36)
Ejecutado desde C:\Users\0\Downloads
Perfiles cargados: 0
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 8 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() [Archivo no firmado] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Communications, Inc.) [Archivo no firmado] C:\Program Files (x86)\Jumpstart\jswpbapi.exe
(Avanquest Software SAS -> Avanquest Software) C:\Users\0\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(HUAWEI Technologies Co., Ltd. -> ) C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\0\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> ) D:\Archivos de programa\SideSync4\SideSync.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Spotify AB -> Spotify Ltd) C:\Users\0\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Techologies -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <3>
(Western Digital Techologies -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1923008 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068560 2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299520 2017-05-11] (Intel(R) USB eXtensible Host Controller Drivers -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [56894976 2020-06-01] (Western Digital Techologies -> Western Digital Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\Run: [Avanquest Message] => C:\Users\0\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [439784 2020-04-02] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\Run: [Spotify Web Helper] => C:\Users\0\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1579120 2017-07-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\Run: [SideSync] => D:\Archivos de programa\SideSync4\SideSync.exe [12476064 2019-01-11] (Samsung Electronics CO., LTD. -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.138\Installer\chrmstp.exe [2020-06-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-04-26]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-02-12]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [Archivo no firmado]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0A65D212-78ED-4FEB-823C-D0D33B2E875B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A7082D3-4DBC-40CF-AF0D-0ECB8448DED6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E6DEC22-80AB-4B7B-B1E8-0A8A64091C19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {12ED6D38-CBA9-4985-A7AD-3BFCD4B25DCC} - System32\Tasks\RealCreateProcessScheduledTask12926757S-1-5-21-3182008213-275058121-709268771-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2014-12-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {19E5735D-4BC9-4164-AF94-3205887D766B} - System32\Tasks\{24B8DE82-A8BD-446F-A618-6159C736728F} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
Task: {20A7404F-B38C-4C71-ACC6-A5866BE522BB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
Task: {2149FA2D-6D2E-4CDD-85A7-D7D10B4DB3D6} - System32\Tasks\{C46339FE-C67F-49CC-9692-DB00C8453C02} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
Task: {2657330C-DADB-4A60-B7EA-6EE92AA945E1} - System32\Tasks\Microsoft\mis tareas personales\desp => D:\Arpanet - Wireless Internet (2002)\2 arpanet - illuminated displays.flac
Task: {2C502E25-E7C8-4C52-9C83-899B6722A040} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30736586-48E7-42D9-BFB4-FCBDD91067DB} - System32\Tasks\Microsoft\mis tareas personales\desñpert => D:\Arpanet - Wireless Internet (2002)\6 arpanet - ntt docomo.flac
Task: {37B56ED6-D726-4C20-89F2-03698370E6CE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7071000 2019-11-10] (Nero AG -> Nero AG)
Task: {46ED7947-5860-4828-A517-7F4E9890847F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4A84E872-1BFB-4AB0-AEAF-721C1234D640} - System32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D} => C:\Windows\system32\pcalua.exe -a C:\Users\0\Downloads\OneDriveSetup.exe -d C:\Users\0\Downloads -c C:\Users\0\Downloads\OneDriveSetup.exe  /permachine  /silent  /childprocess /cusid:S-1-5-21-3182008213-275058121-709268771-1000
Task: {5A54F8A5-20F9-4C1B-A2C7-1E38DC170F4C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F87D44F-0DBE-426A-8C28-D0F32001F45D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6389EE54-75F3-4B80-909C-A2255038B69D} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {63DFCEB1-C25D-417C-8547-7763B2799FB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6B4A38E6-99D1-4497-B9E2-45DCB8EED44C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {6DDCB3C3-5B70-4A73-9A1F-AB2FA4EE2F79} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Ningún archivo <==== ATENCIÓN
Task: {6FA4CAF9-4082-4ED4-99A5-45C886CAF33B} - System32\Tasks\AdobeAAMUpdater-1.0-0-PC-0 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7B937F59-5FCF-4C73-BF78-13576C1D8632} - System32\Tasks\RealCreateProcessScheduledTask48806457S-1-5-21-3182008213-275058121-709268771-1000 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2014-12-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {85C5231E-A5A2-43C6-9CD0-88F631A701D8} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {8BBFFAAA-7BF6-4004-AFF2-79984C0A343C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9274D706-440F-42C1-A087-8CD8F1D48C62} - System32\Tasks\Microsoft\mis tareas personales\de => D:\Bloom-Hydraulics\3-Dark_Light.mp3
Task: {9A10E7FE-834A-4F7F-9BA1-74CE50B03B92} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {A6A6E6AF-5F59-46AF-84CE-FDEAC3978F57} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B53A569A-615C-4A1F-8852-E5BD555B932A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {B9DC74D5-37FF-480D-AB83-8E08FA68CA05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {BD1D5C94-8238-4C75-A5D4-37CCB79F045E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {C06C5571-8B25-4E48-96FD-82EAB3F899DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C3DC70CB-6991-4631-B8D8-48B640FCFF1F} - System32\Tasks\{8FE69821-D631-43D3-8611-277AE9D18E20} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2982.exe" -d C:\Users\0\Downloads
Task: {C87A20FD-42D8-4788-9AAD-3A2E01030A46} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3182008213-275058121-709268771-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178800 2011-11-08] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {C9D62901-076E-4EBF-8C79-4F964C396DCC} - System32\Tasks\{5C888DFF-204A-4800-A7F1-AD20D433C41E} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2986.exe" -d C:\Users\0\Downloads
Task: {CC2D9E3D-F28B-4697-AB93-B0725B1A729F} - System32\Tasks\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A} => C:\Windows\system32\pcalua.exe -a "D:\Archivos de programa\Call of Duty Black Ops 2\redist\vcredist_x86.exe" -d "D:\Archivos de programa\Call of Duty Black Ops 2\redist"
Task: {CEB19205-9EF4-43F2-A773-D20E53A5063E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {D5C758DE-ECED-4274-B9DB-1DD8178BE360} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D8D574C2-F6DF-487D-A3E8-68097325FC2C} - System32\Tasks\{05EBA2BB-F74E-4158-B576-C92CFC24BF32} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
Task: {E60092B4-FDD7-4D75-841D-09A0EA9E9F54} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6D3C923-BFC2-4AB2-924B-25A035BA2F77} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {EA0AA1A0-FD44-4AE5-B698-ACAD9A4EA579} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3182008213-275058121-709268771-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178800 2011-11-08] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {EBF0F772-437B-4826-B08D-DB25A46903E9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {F1BDDEC4-E478-402F-9F98-F93437C8A4F2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2CFBB5E-5AAC-41E2-835D-9AABB39D03E4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {F565C5B5-C32B-4293-834F-F5A054BA9C9A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-22] (Dropbox, Inc -> Dropbox, Inc.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.21.200.80 200.21.200.10
Tcpip\..\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}: [DhcpNameServer] 200.21.200.80 200.21.200.10

Internet Explorer:
==================
HKU\S-1-5-21-3182008213-275058121-709268771-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2014-12-17] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3182008213-275058121-709268771-1000 -> Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: xwdkw8d6.default-1520192493366
FF ProfilePath: C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366 [2020-06-10]
FF NewTab: Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190920
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF Extension: (Avast Online Security) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2018-03-30] [Heredado] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-01-29] [Heredado] [no firmado]
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Ningún archivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll [2014-12-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-10-04] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] (Apple Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-06] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-06] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\0\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall) [Archivo no firmado]
FF Plugin-x32: @real.com/nppl3260;version=15.0.0.198 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2014-12-17] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2014-12-17] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2014-12-17] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprpjplug;version=15.0.0.198 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2014-12-17] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN) [Archivo no firmado]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\0\AppData\Local\Google\Chrome\User Data\Default [2020-06-10]
CHR Extension: (Traductor de Google) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Presentaciones) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-16]
CHR Extension: (Documentos) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-16]
CHR Extension: (Google Drive) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-17]
CHR Extension: (Turn Off the Lights) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2020-06-05]
CHR Extension: (YouTube) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-18]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (OneTab) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2020-05-05]
CHR Extension: (MagicScroll Web Reader) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecldhagehndokdmaiaigoaecbmbnmfkc [2016-02-29]
CHR Extension: (Adobe Acrobat) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Hojas de cálculo) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (Avast Online Security) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-04]
CHR Extension: (Google Play Music) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2019-01-15]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-12-17]
CHR Extension: (InstaG Downloader) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkdcmgmnegofdddphijckfagibepdlb [2018-07-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2014-12-17]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.138\elevation_service.exe [954600 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] (Intel(R) Software Development Products -> )
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] (HUAWEI Technologies Co., Ltd. -> )
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [Archivo no firmado]
S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [Archivo no firmado]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-12-17] () [Archivo no firmado]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-03-06] (HUAWEI Technologies Co., Ltd. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] (Intel(R) Software Development Products -> )
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [501472 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319112 2020-05-28] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ewusbmbb; C:\Windows\System32\DRIVERS\ewusbwwan.sys [439808 2012-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2010-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [13952 2010-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [104448 2012-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [90112 2011-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [30720 2011-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [229376 2012-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [225920 2011-12-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R1 JSWPSLWF; C:\Windows\System32\DRIVERS\jswpslwfx.sys [26624 2008-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2017-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-10 01:24 - 2020-06-10 01:26 - 000045422 _____ C:\Users\0\Downloads\FRST.txt
2020-06-10 01:22 - 2020-06-10 01:22 - 002289152 _____ (Farbar) C:\Users\0\Downloads\FRST64.exe
2020-06-10 01:20 - 2020-06-10 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-10 01:09 - 2020-06-10 01:09 - 000000000 ___HD C:\OneDriveTemp
2020-06-10 01:03 - 2020-06-10 01:03 - 000001527 _____ C:\Users\0\Downloads\malwarebytes.txt
2020-06-09 23:44 - 2020-06-10 00:16 - 000000000 ____D C:\Users\0\AppData\LocalLow\IGDump
2020-06-09 23:38 - 2020-06-09 23:38 - 000008754 _____ C:\Users\0\Downloads\ZHPCleaner.txt
2020-06-09 23:27 - 2020-06-09 23:27 - 000018288 _____ C:\Users\0\Desktop\ZHPCleaner (R).html
2020-06-09 23:27 - 2020-06-09 23:27 - 000008751 _____ C:\Users\0\Desktop\ZHPCleaner (R).txt
2020-06-09 23:20 - 2020-06-09 23:20 - 000018635 _____ C:\Users\0\Desktop\ZHPCleaner (S).html
2020-06-09 23:20 - 2020-06-09 23:20 - 000009094 _____ C:\Users\0\Desktop\ZHPCleaner (S).txt
2020-06-09 23:08 - 2020-06-09 23:08 - 000000826 _____ C:\Users\0\Desktop\ZHPCleaner.lnk
2020-06-09 23:00 - 2020-06-09 23:00 - 003305856 _____ (Nicolas Coolman) C:\Users\0\Desktop\ZHPCleaner.exe
2020-06-09 22:52 - 2020-06-09 22:52 - 000003138 _____ C:\Users\0\Downloads\AdwCleaner[C01].txt
2020-06-09 22:52 - 2020-06-09 22:52 - 000001862 _____ C:\Users\0\Downloads\AdwCleaner[S02].txt
2020-06-09 22:51 - 2020-06-09 22:51 - 000003260 _____ C:\Users\0\Downloads\AdwCleaner[S01].txt
2020-06-09 22:29 - 2020-06-09 22:30 - 008402608 _____ (Malwarebytes) C:\Users\0\Downloads\adwcleaner_8.0.5.exe
2020-06-09 22:25 - 2020-06-09 22:25 - 000019082 _____ C:\Users\0\Desktop\cc_20200609_222515.reg
2020-06-09 22:25 - 2020-06-09 22:25 - 000003022 _____ C:\Users\0\Desktop\cc_20200609_222530.reg
2020-06-09 22:25 - 2020-06-09 22:25 - 000000168 _____ C:\Users\0\Desktop\cc_20200609_222546.reg
2020-06-09 21:15 - 2020-06-09 21:15 - 000002635 _____ C:\Users\0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FF Password Exporter.lnk
2020-06-09 21:15 - 2020-06-09 21:15 - 000002627 _____ C:\Users\0\Desktop\FF Password Exporter.lnk
2020-06-09 21:15 - 2020-06-09 21:15 - 000000000 ____D C:\Users\0\AppData\Roaming\FF Password Exporter
2020-06-09 21:15 - 2020-06-09 21:15 - 000000000 ____D C:\Users\0\AppData\Local\ff-password-exporter-updater
2020-06-09 21:11 - 2020-06-09 21:14 - 070271048 _____ (Kyle Spearrin) C:\Users\0\Downloads\FF-Password-Exporter-Installer-1.2.0.exe
2020-06-09 20:43 - 2020-06-09 20:43 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-06-09 20:38 - 2020-06-09 22:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-06-09 19:27 - 2020-06-09 19:28 - 022267336 _____ (Piriform Software Ltd) C:\Users\0\Downloads\ccsetup565.exe
2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-06-09 13:58 - 2020-06-09 13:58 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-06-06 10:59 - 2020-06-06 10:59 - 000002115 _____ C:\Users\Public\Desktop\WD Backup.lnk
2020-06-06 10:59 - 2020-06-06 10:59 - 000002115 _____ C:\ProgramData\Desktop\WD Backup.lnk
2020-06-02 01:29 - 2020-06-06 00:19 - 000000000 _____ C:\Windows\system32\last.dump
2020-06-01 23:02 - 2020-06-04 00:19 - 000000000 ____D C:\Users\0\AppData\LocalLow\BitTorrent
2020-06-01 19:24 - 2020-06-01 19:24 - 001114992 _____ (Western Digital Corporation) C:\Users\0\Desktop\Install_WD_Discovery_for_Windows.exe
2020-06-01 19:20 - 2020-06-10 01:08 - 000000000 ____D C:\Users\0\AppData\Roaming\WD Discovery
2020-06-01 19:20 - 2020-06-10 01:08 - 000000000 ____D C:\Users\0\.wdc
2020-06-01 19:20 - 2020-06-01 19:20 - 000001184 _____ C:\Users\Public\Desktop\WD Discovery.lnk
2020-06-01 19:20 - 2020-06-01 19:20 - 000001184 _____ C:\ProgramData\Desktop\WD Discovery.lnk
2020-06-01 19:17 - 2020-06-01 19:17 - 000000000 ____D C:\Program Files\WDCSAM
2020-06-01 18:22 - 2020-06-01 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2020-06-01 18:22 - 2020-06-01 18:22 - 000001079 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2020-06-01 18:22 - 2020-06-01 18:22 - 000001079 _____ C:\ProgramData\Desktop\WD Drive Utilities.lnk
2020-06-01 17:29 - 2020-06-01 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-06-01 16:17 - 2020-06-01 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-05-21 10:47 - 2020-05-21 10:46 - 000337560 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-05-21 10:47 - 2020-05-21 10:46 - 000235488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-05-21 10:47 - 2020-05-21 10:46 - 000175704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-05-13 11:56 - 2020-05-13 11:59 - 000000000 ____D C:\Users\0\Documents\celu mayo 2020

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-10 01:25 - 2019-07-17 16:13 - 000000000 ____D C:\FRST
2020-06-10 01:21 - 2016-01-22 18:33 - 000000940 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-06-10 01:21 - 2016-01-22 18:32 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-10 01:13 - 2019-10-03 19:27 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-10 01:13 - 2019-10-03 19:27 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-10 01:11 - 2014-12-17 15:24 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-10 01:09 - 2018-03-28 11:43 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-06-10 01:09 - 2018-03-20 02:21 - 000000000 ____D C:\Users\0\AppData\Local\AVAST Software
2020-06-10 01:09 - 2017-08-15 13:37 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-06-10 01:09 - 2015-05-13 10:23 - 000000000 ___RD C:\Users\0\OneDrive
2020-06-10 01:06 - 2017-09-22 05:06 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-10 01:06 - 2016-01-22 18:33 - 000000936 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-06-10 01:05 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-10 01:04 - 2009-07-13 23:45 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-10 01:04 - 2009-07-13 23:45 - 000009904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-09 23:27 - 2019-07-17 00:50 - 000000000 ____D C:\Users\0\AppData\Roaming\ZHP
2020-06-09 23:26 - 2019-09-20 15:58 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-06-09 23:26 - 2019-09-20 15:57 - 000000000 ____D C:\ProgramData\Lavasoft
2020-06-09 22:45 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2020-06-09 22:43 - 2014-12-17 12:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-09 22:41 - 2019-09-20 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Roaming\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Local\Lavasoft
2020-06-09 22:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2020-06-09 22:40 - 2014-12-17 22:55 - 000000000 ____D C:\Users\0\AppData\Roaming\vlc
2020-06-09 22:08 - 2015-06-06 19:22 - 000000000 ____D C:\Users\0\AppData\Roaming\BitTorrent
2020-06-09 21:38 - 2017-08-10 20:09 - 000000000 ____D C:\Users\0\AppData\LocalLow\Mozilla
2020-06-09 20:07 - 2017-11-04 13:31 - 000000000 ____D C:\Users\0\Desktop\Nueva carpeta
2020-06-09 19:45 - 2019-07-16 23:48 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-09 19:45 - 2019-07-16 23:48 - 000000824 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-06-09 09:20 - 2014-12-17 15:46 - 000000000 ____D C:\Users\0\AppData\Local\Adobe
2020-06-07 00:43 - 2020-03-25 21:46 - 000003114 _____ C:\Windows\system32\Tasks\{5C888DFF-204A-4800-A7F1-AD20D433C41E}
2020-06-07 00:43 - 2020-03-25 21:45 - 000003114 _____ C:\Windows\system32\Tasks\{8FE69821-D631-43D3-8611-277AE9D18E20}
2020-06-07 00:43 - 2019-10-03 19:27 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-06-07 00:43 - 2017-12-04 03:50 - 000003486 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-0-PC-0
2020-06-07 00:43 - 2017-09-22 05:08 - 000003814 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-09-22 05:07 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-07 00:43 - 2017-07-26 15:04 - 000003158 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3182008213-275058121-709268771-1000
2020-06-07 00:43 - 2016-05-19 00:07 - 000002774 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-06-07 00:43 - 2016-03-05 09:55 - 000003324 _____ C:\Windows\system32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3182008213-275058121-709268771-1000
2020-06-07 00:43 - 2016-02-27 10:00 - 000003182 _____ C:\Windows\system32\Tasks\RealUpgradeLogonTaskS-1-5-21-3182008213-275058121-709268771-1000
2020-06-07 00:43 - 2016-02-01 08:37 - 000003886 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-06-07 00:43 - 2016-01-22 18:33 - 000003946 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-06-07 00:43 - 2016-01-22 18:33 - 000003694 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-06-07 00:43 - 2015-12-28 19:57 - 000003248 _____ C:\Windows\system32\Tasks\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A}
2020-06-07 00:43 - 2015-12-03 11:03 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-06-07 00:43 - 2015-05-13 10:23 - 000003364 _____ C:\Windows\system32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{24B8DE82-A8BD-446F-A618-6159C736728F}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{05EBA2BB-F74E-4158-B576-C92CFC24BF32}
2020-06-07 00:43 - 2015-02-19 22:54 - 000002972 _____ C:\Windows\system32\Tasks\{C46339FE-C67F-49CC-9692-DB00C8453C02}
2020-06-07 00:43 - 2015-02-08 22:44 - 000003082 _____ C:\Windows\system32\Tasks\RealCreateProcessScheduledTask12926757S-1-5-21-3182008213-275058121-709268771-1000
2020-06-07 00:43 - 2015-02-08 01:40 - 000003082 _____ C:\Windows\system32\Tasks\RealCreateProcessScheduledTask48806457S-1-5-21-3182008213-275058121-709268771-1000
2020-06-07 00:43 - 2014-12-17 12:38 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-07 00:43 - 2014-12-17 12:38 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-06 11:01 - 2015-06-06 16:14 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-06 10:59 - 2017-09-21 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2020-06-06 10:59 - 2017-09-21 17:16 - 000000000 ____D C:\Program Files (x86)\Western Digital
2020-06-06 10:00 - 2009-07-14 04:31 - 000751318 _____ C:\Windows\system32\perfh00A.dat
2020-06-06 10:00 - 2009-07-14 04:31 - 000160360 _____ C:\Windows\system32\perfc00A.dat
2020-06-06 10:00 - 2009-07-14 00:13 - 001687128 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-04 01:58 - 2015-01-11 01:05 - 000000000 ____D C:\Users\0\AppData\Roaming\dvdcss
2020-06-04 00:56 - 2016-02-10 14:55 - 000000000 ___SD C:\Users\0\AppData\LocalLow\Temp
2020-06-02 15:29 - 2019-04-11 16:34 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-02 15:29 - 2018-03-20 02:23 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-06-02 08:32 - 2018-01-12 01:47 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2020-06-02 00:52 - 2018-01-12 05:05 - 000000000 ____D C:\Program Files (x86)\Nox
2020-06-02 00:52 - 2018-01-12 05:04 - 000000000 ____D C:\Users\0\AppData\Local\Nox
2020-06-02 00:52 - 2014-12-17 12:32 - 000000000 ____D C:\Users\0
2020-06-02 00:47 - 2016-12-10 16:04 - 000000000 ____D C:\Users\0\AppData\Local\Bluestacks
2020-06-01 23:49 - 2015-11-28 09:14 - 000000000 ____D C:\Users\0\Documents\e
2020-06-01 23:47 - 2016-09-03 16:57 - 000000000 ____D C:\Users\0\Documents\act popayan
2020-06-01 23:37 - 2015-10-29 15:07 - 000000000 ____D C:\Users\0\Documents\fotos mías para trabajos
2020-06-01 23:08 - 2015-01-30 18:01 - 000000000 ____D C:\Users\0\Documents\fotos casa embrujada
2020-06-01 19:17 - 2019-09-04 16:01 - 000000000 ____D C:\Program Files\DIFX
2020-06-01 17:22 - 2017-10-20 15:01 - 000000000 ____D C:\Program Files\Recuva
2020-05-28 11:04 - 2014-12-17 15:25 - 000319112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-05-21 10:46 - 2020-04-20 09:59 - 000501472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-05-21 10:46 - 2018-10-22 12:29 - 000042784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-05-21 10:46 - 2014-12-17 15:25 - 000460992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-05-21 10:46 - 2014-12-17 15:25 - 000109272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-21 10:46 - 2014-12-17 15:25 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-21 10:44 - 2019-01-17 09:46 - 000037136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-21 10:44 - 2017-11-09 16:02 - 000205880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-05-21 10:44 - 2014-12-17 15:25 - 000851592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-05-21 10:42 - 2019-01-17 09:45 - 000178760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-21 10:42 - 2019-01-17 09:45 - 000060480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-21 10:41 - 2019-01-18 09:16 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-19 08:01 - 2019-04-11 16:34 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-15 09:00 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-05-14 00:02 - 2018-01-11 16:17 - 000000000 ____D C:\Users\0\AppData\Local\JDownloader 2.0

==================== Archivos en la raíz de algunos directorios ========

2018-11-28 01:10 - 2019-09-11 20:29 - 000000012 _____ () C:\Users\0\AppData\Roaming\channelChoice.ini
2018-10-30 16:54 - 2018-10-30 16:54 - 000000028 _____ () C:\Users\0\AppData\Roaming\kulerdata.json
2019-04-18 19:24 - 2019-09-16 21:14 - 000001456 _____ () C:\Users\0\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2016-09-10 14:08 - 2016-09-10 14:08 - 000001456 _____ () C:\Users\0\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-09-28 09:25 - 2018-09-28 09:25 - 000000000 _____ () C:\Users\0\AppData\Local\oobelibMkey.log
2016-12-10 19:17 - 2017-07-06 12:57 - 000000553 _____ () C:\Users\0\AppData\Local\TroubleshooterConfig.json
2018-06-27 01:36 - 2018-06-27 01:36 - 000000000 _____ () C:\Users\0\AppData\Local\{9B8F1BB0-CC7A-4F14-A5AC-A64261B32B43}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-06-06 19:43
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por 0 (10-06-2020 01:26:44)
Ejecutado desde C:\Users\0\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-17 17:32:53)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

0 (S-1-5-21-3182008213-275058121-709268771-1000 - Administrator - Enabled) => C:\Users\0
Administrador (S-1-5-21-3182008213-275058121-709268771-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3182008213-275058121-709268771-1002 - Limited - Enabled)
Invitado (S-1-5-21-3182008213-275058121-709268771-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
4K Video Downloader 4.4 (HKLM-x32\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
Ableton Live 9 Suite (HKLM\...\{99C4D476-0AF0-4045-998F-E11CA4957BDB}) (Version: 9.0.0.0 - Ableton)
Actualización de NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{2F475153-E8DF-4439-9B7C-77A29E10DD67}) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader XI - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\{9B92B20A-6A19-428F-8BD0-52DF859B1C61}) (Version: 11.6.8.638 - Adobe Systems, Inc)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden
Apple Application Support (32 bits) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avanquest Message (HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.10.0 - Avanquest Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.1.4222.138 - Los creadores de Avast Secure Browser)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.20.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.10.50.1 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.10.31.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.20.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.20.0 - Canon Inc.)
Capture One 12.0 (HKLM\...\CaptureOne12_is1) (Version: 12.0.4.12 - Phase One A/S)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
CrystalDiskInfo 8.5.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World)
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DENOISE projects 2 (HKLM\...\DENOISE projects 2 by SaNet.cd_is1) (Version: 2.27 - Franzis Verlag GmbH)
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
EASEUS Data Recovery Wizard Professional 5.0.1 (HKLM-x32\...\EASEUS Data Recovery Wizard Professional 5.0.1_is1) (Version:  - EASEUS)
Eraser 6.2.0.2986 (HKLM\...\{5227C9E1-58FC-45DE-880C-0E4C3559837D}) (Version: 6.2.2986 - The Eraser Project)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FF Password Exporter (HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\4088ae7b-2be7-5157-8053-1b94a5d03d5b) (Version: 1.2.0 - Kyle Spearrin)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
icofx 3.0.3 (HKLM-x32\...\icofx 3_is1) (Version: 3.0.3 - IcoFX Software S.R.L.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Jumpstart Installation Program (HKLM-x32\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version:  - Atheros)
Kolor KolorEyes 1.4 (HKLM\...\KolorEyes 1.4) (Version: V1.4.1 - Kolor)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{122D94E8-4E70-42BC-80A2-2C9F81003512}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{e89464af-e7f0-4ed3-bf43-f1a5986113db}) (Version: 14.10.25017.0 - Корпорация Майкрософт)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.003.07.02.486 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 77.0.1 (x64 es-MX) (HKLM\...\Mozilla Firefox 77.0.1 (x64 es-MX)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 77.0.1.7458 - Mozilla)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.0.311 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.10.0.13 - Native Instruments)
Nero BurningROM 2020 (HKLM-x32\...\{BC220CBF-A8E5-48D1-816F-0403E7F6E7FC}) (Version: 22.0.00700 - Nero AG)
Nero Core (HKLM-x32\...\{5E063AA4-5E7D-40D1-99A1-D8E9F5F9BB0E}) (Version: 2.0.05800 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 21.0.1007 - Nero AG)
NVIDIA Controlador de 3D Vision 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 387.92 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.92 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Panel de control de NVIDIA 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 387.92 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Leaf Imaging Ltd. Image  (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Paquete de controladores de Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Paquete de controladores de Windows - Phase One A/S (WinUSB) USBDevice  (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Prerequisite installer (HKLM-x32\...\{964E6898-DEF3-445B-BDCE-EF5089DD7574}) (Version: 22.0.0005 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version:  - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.244 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Software de cámara Web Logitech (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
SoulseekQt versión 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC)
Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
Spotify (HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
TP-LINK TL-WN7200ND Driver (HKLM-x32\...\{9F88C456-C1E7-4D96-81BE-8D9E75C0229E}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
uTorrent Web (HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\utweb) (Version: 1.0.2 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WD Backup (HKLM-x32\...\{7F7BFEB8-7A43-4E6D-8345-77AA21F88429}) (Version: 1.9.7375.5719 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{f8b1f334-65ee-44bd-823c-c06f4c3907b5}) (Version: 1.9.7375.5719 - Western Digital Technologies, Inc.)
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 1.3.329 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{2db219ff-e483-403b-9374-aea609abaf1d}) (Version: 1.4.3.13 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{693748a9-bddc-4f6f-b3ff-f9bd14a3fcc0}) (Version: 2.0.0.71 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{ED1E371E-F744-437B-95AD-9552E2BCE629}) (Version: 2.0.0.71 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{A2D70EE4-2462-4F04-9955-5761E3F3F47A}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{f1fc402c-35fd-40c0-97e4-5bee07891caf}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3182008213-275058121-709268771-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-09-21] (Logitech, Inc. -> Logitech Inc.)

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2012-08-30 13:39 - 2015-02-18 14:11 - 000112128 _____ ( () [Archivo no firmado])  [El archivo está en uso ] C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000091136 _____ ( () [Archivo no firmado])  [El archivo está en uso ] D:\Archivos de programa\SideSync4\ThoughtWorks.QRCode.dll
2016-05-09 22:01 - 2016-05-09 22:01 - 000225280 _____ ( (Microsoft Corporation) [Archivo no firmado])  [El archivo está en uso ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2015-02-12 19:19 - 2013-11-06 13:42 - 000193024 _____ () [Archivo no firmado] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2015-02-12 19:19 - 2013-11-11 17:38 - 001411072 _____ () [Archivo no firmado] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-02-12 19:19 - 2013-11-06 13:42 - 001204224 _____ () [Archivo no firmado] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RaWLAPI.dll
2015-02-12 19:19 - 2013-11-06 13:42 - 000191488 _____ () [Archivo no firmado] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll
2020-06-01 19:20 - 2020-06-01 19:20 - 001877504 _____ () [Archivo no firmado] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2016-04-01 18:53 - 2009-06-22 13:42 - 000043008 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2016-04-01 18:53 - 2009-01-10 05:32 - 000011362 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2016-04-01 18:53 - 2010-05-14 04:57 - 002415104 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2016-04-01 18:53 - 2010-02-10 09:10 - 001148416 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2016-04-01 18:53 - 2010-02-10 09:06 - 000398336 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2016-04-01 18:53 - 2012-03-06 22:16 - 000843264 _____ () [Archivo no firmado] C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 001289216 _____ () [Archivo no firmado] D:\Archivos de programa\SideSync4\cairo.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000230529 _____ () [Archivo no firmado] D:\Archivos de programa\SideSync4\libpng14-14.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000100352 _____ () [Archivo no firmado] D:\Archivos de programa\SideSync4\zlib1.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2016-05-04 04:15 - 2016-05-04 04:15 - 008931854 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\avcodec-56.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000850446 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\avfilter-5.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 001817614 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\avformat-56.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000352782 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\avutil-54.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000102414 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\swresample-1.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000464398 _____ (FFmpeg Project) [Archivo no firmado] D:\Archivos de programa\SideSync4\swscale-3.dll
2020-06-01 19:20 - 2020-06-01 19:20 - 015029760 _____ (Node.js) [Archivo no firmado] C:\Program Files (x86)\Western Digital\Discovery\Current\node.dll
2017-10-09 15:33 - 2017-10-06 06:52 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2017-10-09 15:33 - 2017-10-06 06:52 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000055808 _____ (Open Source Software community LGPL) [Archivo no firmado] D:\Archivos de programa\SideSync4\pthreadVC2.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [Archivo no firmado] D:\Archivos de programa\SideSync4\cximageu.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000110207 _____ (Un4seen Developments) [Archivo no firmado] D:\Archivos de programa\SideSync4\BASS.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000019008 _____ (Un4seen Developments) [Archivo no firmado] D:\Archivos de programa\SideSync4\BASSCD.dll
2016-05-04 04:15 - 2016-05-04 04:15 - 000017472 _____ (Un4seen Developments) [Archivo no firmado] D:\Archivos de programa\SideSync4\BASSWMA.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\0\Cookies:8bm9D2zgPT7Gh8HKMH7r99K [505]
AlternateDataStreams: C:\Users\0\AppData\Local\Archivos temporales de Internet:ktjrdPaPO2pZMCrCCR9q8 [2284]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-3182008213-275058121-709268771-1000\...\skype.com -> apps.skype.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2019-09-04 15:57 - 000000596 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;D:\Archivos de programa\QTSystem\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3182008213-275058121-709268771-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: WinDefend => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: jswtrayutil => "C:\Program Files (x86)\Jumpstart\jswtrayutil.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "D:\Archivos de programa\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\0\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: WTFast Tray => "D:\Archivos de programa\WTFast\WTFast.exe" trayonly

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{F06C15FD-0A89-4C1B-A837-D5520A737941}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0FAF17AA-E212-4604-BFAD-3E791B832055}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0FB4090-A4CE-436A-88FC-965B4AB1B0C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C16A1B9B-EB73-43AB-9D7E-3E220A727DBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{127E4422-0C8B-450A-8179-EB26F4D45967}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9C43F5CA-6958-4E8B-9501-30DB8A53D3A5}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{2ECE25BB-6962-4195-965D-7E681846A43E}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [{23164627-3863-48F7-B1E0-1794BEDB4994}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1794DB5-DE30-468D-8F70-744319C59020}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{775BC03D-C199-45EC-8C9A-7F3FD0E955A6}] => (Allow) C:\Users\0\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BC7BF10-F9B5-4A58-9E49-85646C592DFB}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> ) [Archivo no firmado]
FirewallRules: [{F7EE8606-1559-401E-BB8D-9A52AC39C740}] => (Allow) C:\Users\0\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{86064F5D-25CD-47F0-B2D3-58DFB5BDEF5A}] => (Allow) C:\Users\0\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{AB4138A1-F029-4235-A30B-5962A1567E7C}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{C5759612-003E-4A97-83A6-7145EE1A3EE5}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{F495B697-8CAC-4610-BC89-885FAB03890C}C:\users\0\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\0\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{419D8110-E277-49FD-8232-148B82D29A74}C:\users\0\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\0\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F607E30D-E0C7-4CAA-8478-1CD06A526DE8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{105512F0-0010-40DC-8400-355FD0937841}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2A516B1C-9D43-4BBB-9FA3-A08222E23723}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A3A571BF-BAD9-41D2-8F96-F88037C0A503}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{C1564400-4A9F-4E5A-8D05-426E849533F2}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{CF922D16-AC77-47F5-83B1-E3C6403A3AFA}C:\users\0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\0\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B005D182-0ED0-4453-897A-775D2AD654B1}C:\users\0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\0\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{67C70669-EC63-4E9F-A8F1-5714184135AF}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{314B276E-88F9-47F5-A892-DAAD50BCE75F}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{8D00FEB4-D861-4A93-B18F-527030E2830F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C98CE60F-74A2-4614-8237-786754F3C3CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9EAC6622-A027-48F0-920D-CC82C82CA524}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A67904D2-E95E-4702-84EB-A862E3D16C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9F7F04B7-6B8E-45D8-B042-73FE431576C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{753A0150-283A-4E5C-8A8A-F890C78C1F02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{813B1C94-8B8E-417C-9DF1-CC35122F26CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A9D36730-EB90-4C47-BAC2-DBB4A003F944}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D2D6533E-3039-472C-A633-9BB732E00A4D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E0421A51-83C4-4A38-9F6C-9468195C394E}] => (Allow) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{A53B8519-1CC5-4FBD-BE47-02E70AA0408E}] => (Allow) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{B1197934-E13A-4FEF-BB35-0C3677FDCA7A}] => (Allow) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{B3AB9835-762E-4DF6-931A-18EE9439EA88}] => (Allow) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{BB34DE95-0691-4268-A8B0-D859CFA70861}C:\users\0\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Block) C:\users\0\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{585F73FF-0A8E-4ECA-BEEC-831CA0A3BF09}C:\users\0\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Block) C:\users\0\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{52B84585-230B-4F31-A455-5FC54288CDA4}] => (Allow) D:\Archivos de programa\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{957D924D-1E65-40BD-A0E9-01FF7990DCD6}] => (Allow) D:\Archivos de programa\SideSync4\SideSync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{B4C16961-35A9-43C7-98C5-A67372B22A8B}D:\archivos de programa\sidesync4\sidesync.exe] => (Allow) D:\archivos de programa\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{C308447D-A8B3-4354-B9E4-6E65D4BD77D4}D:\archivos de programa\sidesync4\sidesync.exe] => (Allow) D:\archivos de programa\sidesync4\sidesync.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{24C1379C-9F64-4885-BC7C-8515E9BEA19E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E924DE22-0F4F-4806-8617-8ACA5163C526}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{190F7D9E-339D-4099-B27A-8F2683147CBD}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe] => (Block) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{23E13C3C-5377-468C-9A03-1688922B1DD6}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe] => (Block) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{E4D57257-7F3A-4FB8-9FC7-93AE25A034D9}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe] => (Block) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D0C0092E-3F30-4662-B8F6-B914F2DD6CBE}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe] => (Block) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45312.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2394A77E-171C-45D3-A9CD-F82F8B6F0F4B}] => (Allow) C:\Users\0\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{7B6E469B-65EB-49EA-B699-77323CE51F97}] => (Allow) C:\Users\0\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build SPC -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{1E19EA38-1920-4410-8E6A-36841E9E4F64}] => (Allow) C:\Users\0\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{145ECEB5-E804-4DB2-9DAA-7D6120D5A3B3}] => (Allow) C:\Users\0\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D37B6AD9-41E2-4CCF-90CF-A0A9722808D1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2020\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{8EEAF9C9-2610-4001-BAF5-87F4A2391F48}] => (Allow) C:\Program Files (x86)\Nero\Nero 2020\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{D369F76D-EDC1-415E-A2F9-425A1BD71EC4}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45661.exe] => (Allow) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45661.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{0F1634F0-4C32-46E8-8860-BBD71F20CBCC}C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45661.exe] => (Allow) C:\users\0\appdata\roaming\bittorrent\updates\7.10.5_45661.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CB8EBD66-0E2C-42FE-9808-278A1A26F527}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{948AE44B-CB29-43F2-B0C9-87FB6BCCDF83}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D5D927FD-8A51-40BC-BD9C-3FC75F84EC3A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Puntos de Restauración =========================

04-06-2020 12:30:20 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/10/2020 01:29:18 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\GoogleUpdateHelper.msi

Error: (06/10/2020 01:22:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "D:\Archivos de programa\SideSync4\SideSync.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.

Error: (06/10/2020 01:22:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Error en la extracción de la lista raíz de terceros del archivo .CAB actualizado automáticamente: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> con el error: Se procesó correctamente una cadena de certificados, pero termina en un certificado de raíz no compatible con el proveedor de confianza.
.


Errores del sistema:
=============
Error: (06/10/2020 01:06:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/10/2020 01:06:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK.

Error: (06/10/2020 01:05:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Mobile Partner. OUC no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (06/10/2020 01:05:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Mobile Partner. OUC.

Error: (06/10/2020 12:24:58 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (06/10/2020 12:24:55 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (06/10/2020 12:24:55 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (06/10/2020 12:23:12 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.


CodeIntegrity:
===================================

Date: 2020-06-09 23:32:44.458
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-09 23:32:44.458
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-09 22:44:09.412
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-09 22:44:09.412
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-09 09:05:14.268
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-09 09:05:14.268
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-08 22:48:23.518
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-06-08 22:48:23.518
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64_prewin8.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. FA 07/04/2014
Placa base: Gigabyte Technology Co., Ltd. H81M-H
Procesador: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Porcentaje de memoria en uso: 97%
RAM física total: 3964.64 MB
RAM física disponible: 86.35 MB
Virtual total: 7927.48 MB
Virtual disponible: 2997.75 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:390.53 GB) (Free:238.89 GB) NTFS
Drive d: (DATOS) (Fixed) (Total:540.88 GB) (Free:495.49 GB) NTFS

\\?\Volume{52da81d7-8610-11e4-b975-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0005AE42)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola @Ulam

Paso 1:

Desinstala con Revo Uninstaller en su Modo Avanzado:

  • Avast Secure Browser.
  • Todas las versiones obsoletas de JAVA

Manual de Revo Uninstaller.

Paso 2:

Ejecutaste FRST desde un lugar incorrecto:

  • Ejecutado desde C:\Users\0\Downloads

Corta el ejecutable y pegalo en tu escritorio <<< Esto es Muy Importante.

Paso 3:

Con mucha atención realiza lo siguiente:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga/Ejecuta DelFix desde el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego ve a::

2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start::
CloseProcesses:
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {4A84E872-1BFB-4AB0-AEAF-721C1234D640} - System32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D} => C:\Windows\system32\pcalua.exe -a C:\Users\0\Downloads\OneDriveSetup.exe -d C:\Users\0\Downloads -c C:\Users\0\Downloads\OneDriveSetup.exe  /permachine  /silent  /childprocess /cusid:S-1-5-21-3182008213-275058121-709268771-1000
Task: {6389EE54-75F3-4B80-909C-A2255038B69D} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {6DDCB3C3-5B70-4A73-9A1F-AB2FA4EE2F79} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Ningún archivo <==== ATENCIÓN
Task: {9A10E7FE-834A-4F7F-9BA1-74CE50B03B92} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {B53A569A-615C-4A1F-8852-E5BD555B932A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {C3DC70CB-6991-4631-B8D8-48B640FCFF1F} - System32\Tasks\{8FE69821-D631-43D3-8611-277AE9D18E20} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2982.exe" -d C:\Users\0\Downloads
Task: {C9D62901-076E-4EBF-8C79-4F964C396DCC} - System32\Tasks\{5C888DFF-204A-4800-A7F1-AD20D433C41E} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2986.exe" -d C:\Users\0\Downloads
Task: {CC2D9E3D-F28B-4697-AB93-B0725B1A729F} - System32\Tasks\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A} => C:\Windows\system32\pcalua.exe -a "D:\Archivos de programa\Call of Duty Black Ops 2\redist\vcredist_x86.exe" -d "D:\Archivos de programa\Call of Duty Black Ops 2\redist"
Task: {E6D3C923-BFC2-4AB2-924B-25A035BA2F77} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {F2CFBB5E-5AAC-41E2-835D-9AABB39D03E4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Tcpip\..\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}: [DhcpNameServer] 200.21.200.80 200.21.200.10
Tcpip\Parameters: [DhcpNameServer] 200.21.200.80 200.21.200.10
HKU\S-1-5-21-3182008213-275058121-709268771-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
Toolbar: HKU\S-1-5-21-3182008213-275058121-709268771-1000 -> Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ningún archivo
FF NewTab: Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190920
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF Extension: (Avast Online Security) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.138\elevation_service.exe [954600 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
2020-06-09 23:26 - 2019-09-20 15:58 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-06-09 23:26 - 2019-09-20 15:57 - 000000000 ____D C:\ProgramData\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Roaming\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Local\Lavasoft
2020-06-07 00:43 - 2015-05-13 10:23 - 000003364 _____ C:\Windows\system32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{24B8DE82-A8BD-446F-A618-6159C736728F}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{05EBA2BB-F74E-4158-B576-C92CFC24BF32}
2020-06-07 00:43 - 2015-02-19 22:54 - 000002972 _____ C:\Windows\system32\Tasks\{C46339FE-C67F-49CC-9692-DB00C8453C02}
2020-06-02 15:29 - 2019-04-11 16:34 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-02 15:29 - 2018-03-20 02:23 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-28 09:25 - 2018-09-28 09:25 - 000000000 _____ () C:\Users\0\AppData\Local\oobelibMkey.log
AlternateDataStreams: C:\Users\0\Cookies:8bm9D2zgPT7Gh8HKMH7r99K [505]
AlternateDataStreams: C:\Users\0\AppData\Local\Archivos temporales de Internet:ktjrdPaPO2pZMCrCCR9q8 [2284]
C:\Program Files (x86)\AVAST Software\Browser
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END::
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro >>> Aplicable a Windows 10. o Windows 7.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix/Corregir y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Paso 3: Luego de reiniciar Actualizas Java a su ultima versión.

Nos comentas.

Salu2.

Hola @SanMar

Acabo de percatarme de que hice algo cuando no habías indicado hacerlo, cuando dices que moviera frst64.exe al escritorio, lo hice y de inmediato hice el scan con frst. y ahora que debo hacer el paso 3 de iniciar en modo seguro no sé si deba continuar o no debido a q hice el scan cuando no debía. o no afecta?

por si acaso acá están los reportes de dicho escaneo que realicé cuando no había sido indicado y sin entrar en modo seguro ni haber guardado fixlist.txt en el escritorio :dizzy_face:

Editado

Hola @Ulam

Los nuevos reportes no son necesarios, solo sigue con exactitud los pasos que te deje.

Salu2

Hola @SanMar

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 06-06-2020
Ejecutado por 0 (12-06-2020 00:23:17) Run:1
Ejecutado desde C:\Users\0\Desktop
Perfiles cargados: 0
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
CloseProcesses:
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
Task: {4A84E872-1BFB-4AB0-AEAF-721C1234D640} - System32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D} => C:\Windows\system32\pcalua.exe -a C:\Users\0\Downloads\OneDriveSetup.exe -d C:\Users\0\Downloads -c C:\Users\0\Downloads\OneDriveSetup.exe  /permachine  /silent  /childprocess /cusid:S-1-5-21-3182008213-275058121-709268771-1000
Task: {6389EE54-75F3-4B80-909C-A2255038B69D} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {6DDCB3C3-5B70-4A73-9A1F-AB2FA4EE2F79} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Ning�n archivo <==== ATENCI�N
Task: {9A10E7FE-834A-4F7F-9BA1-74CE50B03B92} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {B53A569A-615C-4A1F-8852-E5BD555B932A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {C3DC70CB-6991-4631-B8D8-48B640FCFF1F} - System32\Tasks\{8FE69821-D631-43D3-8611-277AE9D18E20} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2982.exe" -d C:\Users\0\Downloads
Task: {C9D62901-076E-4EBF-8C79-4F964C396DCC} - System32\Tasks\{5C888DFF-204A-4800-A7F1-AD20D433C41E} => C:\Windows\system32\pcalua.exe -a "C:\Users\0\Downloads\Eraser 6.2.0.2986.exe" -d C:\Users\0\Downloads
Task: {CC2D9E3D-F28B-4697-AB93-B0725B1A729F} - System32\Tasks\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A} => C:\Windows\system32\pcalua.exe -a "D:\Archivos de programa\Call of Duty Black Ops 2\redist\vcredist_x86.exe" -d "D:\Archivos de programa\Call of Duty Black Ops 2\redist"
Task: {E6D3C923-BFC2-4AB2-924B-25A035BA2F77} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {F2CFBB5E-5AAC-41E2-835D-9AABB39D03E4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
Tcpip\..\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}: [DhcpNameServer] 200.21.200.80 200.21.200.10
Tcpip\Parameters: [DhcpNameServer] 200.21.200.80 200.21.200.10
HKU\S-1-5-21-3182008213-275058121-709268771-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-co/?ocid=iehp
Toolbar: HKU\S-1-5-21-3182008213-275058121-709268771-1000 -> Sin Nombre - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Ning�n archivo
FF NewTab: Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366 -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__190920
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF Extension: (Avast Online Security) - C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] [2020-06-09]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-20] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.1.4222.138\elevation_service.exe [954600 2020-05-11] (Avast Software s.r.o. -> AVAST Software)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
2020-06-09 23:26 - 2019-09-20 15:58 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-06-09 23:26 - 2019-09-20 15:57 - 000000000 ____D C:\ProgramData\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Roaming\Lavasoft
2020-06-09 22:41 - 2019-09-20 15:58 - 000000000 ____D C:\Users\0\AppData\Local\Lavasoft
2020-06-07 00:43 - 2015-05-13 10:23 - 000003364 _____ C:\Windows\system32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{24B8DE82-A8BD-446F-A618-6159C736728F}
2020-06-07 00:43 - 2015-02-19 22:56 - 000002972 _____ C:\Windows\system32\Tasks\{05EBA2BB-F74E-4158-B576-C92CFC24BF32}
2020-06-07 00:43 - 2015-02-19 22:54 - 000002972 _____ C:\Windows\system32\Tasks\{C46339FE-C67F-49CC-9692-DB00C8453C02}
2020-06-02 15:29 - 2019-04-11 16:34 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-06-02 15:29 - 2018-03-20 02:23 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-28 09:25 - 2018-09-28 09:25 - 000000000 _____ () C:\Users\0\AppData\Local\oobelibMkey.log
AlternateDataStreams: C:\Users\0\Cookies:8bm9D2zgPT7Gh8HKMH7r99K [505]
AlternateDataStreams: C:\Users\0\AppData\Local\Archivos temporales de Internet:ktjrdPaPO2pZMCrCCR9q8 [2284]
C:\Program Files (x86)\AVAST Software\Browser
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:

*****************

Procesos cerrados correctamente.
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A84E872-1BFB-4AB0-AEAF-721C1234D640}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A84E872-1BFB-4AB0-AEAF-721C1234D640}" => eliminado correctamente
C:\Windows\System32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6389EE54-75F3-4B80-909C-A2255038B69D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6389EE54-75F3-4B80-909C-A2255038B69D}" => eliminado correctamente
C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestart_chrome.exe" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DDCB3C3-5B70-4A73-9A1F-AB2FA4EE2F79}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DDCB3C3-5B70-4A73-9A1F-AB2FA4EE2F79}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A10E7FE-834A-4F7F-9BA1-74CE50B03B92}" => no encontrado
"C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B53A569A-615C-4A1F-8852-E5BD555B932A}" => no encontrado
"C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3DC70CB-6991-4631-B8D8-48B640FCFF1F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3DC70CB-6991-4631-B8D8-48B640FCFF1F}" => eliminado correctamente
C:\Windows\System32\Tasks\{8FE69821-D631-43D3-8611-277AE9D18E20} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8FE69821-D631-43D3-8611-277AE9D18E20}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9D62901-076E-4EBF-8C79-4F964C396DCC}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9D62901-076E-4EBF-8C79-4F964C396DCC}" => eliminado correctamente
C:\Windows\System32\Tasks\{5C888DFF-204A-4800-A7F1-AD20D433C41E} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5C888DFF-204A-4800-A7F1-AD20D433C41E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC2D9E3D-F28B-4697-AB93-B0725B1A729F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC2D9E3D-F28B-4697-AB93-B0725B1A729F}" => eliminado correctamente
C:\Windows\System32\Tasks\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{489B83BF-8D92-4C2C-B80F-8CA4FA49AD8A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6D3C923-BFC2-4AB2-924B-25A035BA2F77}" => no encontrado
"C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2CFBB5E-5AAC-41E2-835D-9AABB39D03E4}" => no encontrado
"C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => no encontrado
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4B8D6942-51A1-4E7A-B4F4-39C16AB811B1}\\DhcpNameServer" => eliminado correctamente
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => eliminado correctamente
"HKU\S-1-5-21-3182008213-275058121-709268771-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => eliminado correctamente
"HKU\S-1-5-21-3182008213-275058121-709268771-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => eliminado correctamente
"Firefox newtab" => eliminado correctamente
C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] => movido correctamente
C:\Users\0\AppData\Roaming\Mozilla\Firefox\Profiles\xwdkw8d6.default-1520192493366\Extensions\[email protected] => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN" => no encontrado
C:\Program Files\VideoLAN\VLC\npvlc.dll => movido correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
HKLM\System\CurrentControlSet\Services\aswbIDSAgent => eliminado correctamente
aswbIDSAgent => servicio eliminado correctamente
avast => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\avast! Antivirus => eliminado correctamente
avast! Antivirus => servicio eliminado correctamente
avastm => servicio no encontrado.
AvastSecureBrowserElevationService => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\dbx => eliminado correctamente
dbx => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\EagleX64 => eliminado correctamente
EagleX64 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\Synth3dVsc => eliminado correctamente
Synth3dVsc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\tsusbhub => eliminado correctamente
tsusbhub => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\VGPU => eliminado correctamente
VGPU => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\X6va017 => eliminado correctamente
X6va017 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\X6va029 => eliminado correctamente
X6va029 => servicio eliminado correctamente
C:\Program Files (x86)\Lavasoft => movido correctamente
C:\ProgramData\Lavasoft => movido correctamente
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => movido correctamente
C:\Users\0\AppData\Roaming\Lavasoft => movido correctamente
C:\Users\0\AppData\Local\Lavasoft => movido correctamente
"C:\Windows\system32\Tasks\{7CF90C8A-1B42-4FB4-9C5D-3FCDA8253F5D}" => no encontrado
C:\Windows\system32\Tasks\{24B8DE82-A8BD-446F-A618-6159C736728F} => movido correctamente
C:\Windows\system32\Tasks\{05EBA2BB-F74E-4158-B576-C92CFC24BF32} => movido correctamente
C:\Windows\system32\Tasks\{C46339FE-C67F-49CC-9692-DB00C8453C02} => movido correctamente
"C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)" => no encontrado
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk" => no encontrado
C:\Users\0\AppData\Local\oobelibMkey.log => movido correctamente
C:\Users\0\Cookies => ":8bm9D2zgPT7Gh8HKMH7r99K" ADS eliminado correctamente
C:\Users\0\AppData\Local\Archivos temporales de Internet => ":ktjrdPaPO2pZMCrCCR9q8" ADS eliminado correctamente
"C:\Program Files (x86)\AVAST Software\Browser" => no encontrado

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= Final 1 CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final 1 CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final 1 CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final 1 CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final 1 CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final 1 CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final 1 CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final 1 CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3182008213-275058121-709268771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3182008213-275058121-709268771-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final 1 RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16753577 B
Java, Flash, Steam htmlcache => 46084926 B
Windows/system/drivers => 18986354 B
Edge => 0 B
Chrome => 914703734 B
Firefox => 827616415 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 33058 B
ProgramData => 33058 B
systemprofile => 133039 B
systemprofile32 => 377739 B
LocalService => 509983 B
NetworkService => 587471 B
0 => 527450626 B

RecycleBin => 12851535545 B
EmptyTemp: => 14.2 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final 1 Fixlog 00:31:26 ====

Hola @Ulam

El Fix se ejecuto correctamente y tu equipo esta limpio paralo que decidas hacer.

Nos comentas.

Salu2

vale muchas gracias @SanMar !!

Para escanear la Usb en la que crearé los medios de instalación de windows 10 con malwarebytes es suficiente? y después de formatear e instalar windows debo escanear igual con malwarebytes los discos extraibles en los que hice los backups? para volver a restaurar parte de esos archivos en la pc.