Malwarebytes detects a virus

#1

Good afternoon,

I installed a program, Driverpack 2019, and noticed the PC was unstable. I uninstalled the program, restored to an earlier point, ran Malwarebytes, and this is the result:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/5/19
Hora del análisis: 23:34
Archivo de registro: 85630f04-78eb-11e9-a2f2-74d435b1ed6c.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10648
Licencia: Gratis

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: MIPC\Antonio

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 321328
Amenazas detectadas: 6
Amenazas en cuarentena: 6
Tiempo transcurrido: 7 min, 38 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 3
PUP.Optional.DriverPack, HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\DRPSU, En cuarentena, [557], [472301],1.0.10648
PUP.Optional.DriverPack, HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, En cuarentena, [557], [472299],1.0.10648
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, En cuarentena, [557], [472300],1.0.10648

Valor del registro: 2
PUP.Optional.DriverPack, HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\DRPSU|CLIENTID, En cuarentena, [557], [472301],1.0.10648
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, En cuarentena, [557], [472300],1.0.10648

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.DriverPack, C:\USERS\ANTONIO\DOWNLOADS\DRIVERPACK-17-ONLINE_1267140154.1557951165.EXE, En cuarentena, [557], [663640],1.0.10648

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Thank you very much for your help.

#2

Hello @caballoblanco1963

Do the following:

1.- Temporarily disable your antivirus and any security programs.

2.- Download Farbar Recovery Scan Tool to the desktop, selecting the appropriate version for your computer's architecture (32 or 64 bits). >> How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; these will be saved on the desktop.

Guide: How to run FRST

3.- In your next reply, paste the generated reports.

Guide: How to paste reports in the forum?

We await those reports.

Regards

#3

Hello SanMar,

Before pasting the reports I would like to mention another problem: today, when opening photos in the photo viewer, the photographs appear black.

I am pasting the reports

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-05.2019
Ran by Antonio (18-05-2019 20:43:42)
Running from C:\Users\Antonio\Downloads
Windows 8.1 Enterprise (Update) (X64) (2019-03-14 16:19:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1604764725-3681772004-1819303514-500 - Administrator - Disabled)
Antonio (S-1-5-21-1604764725-3681772004-1819303514-1001 - Administrator - Enabled) => C:\Users\Antonio
ARACELI (S-1-5-21-1604764725-3681772004-1819303514-1005 - Limited - Enabled) => C:\Users\ARACELI
CLAUDIA (S-1-5-21-1604764725-3681772004-1819303514-1003 - Limited - Enabled)
Invitado (S-1-5-21-1604764725-3681772004-1819303514-501 - Limited - Disabled)
SANDRA (S-1-5-21-1604764725-3681772004-1819303514-1004 - Limited - Enabled) => C:\Users\SANDRA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Alien Skin Exposure X2 (HKLM\...\Alien Skin Exposure X2) (Version:  - Alien Skin)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7102 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.438 - AVAST Software)
AVerMedia A835 USB DVB-T 8.2.64.64 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 8.2.64.64 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.60.32453 - Electronic Arts)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version:  - Boris FX, Inc.)
Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - )
Canon MP Navigator EX 1.2 (HKLM-x32\...\MP Navigator EX 1.2) (Version:  - )
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - )
Catalyst Control Center Next Localization BR (HKLM\...\{DF13D5F3-B763-EA16-CEC2-BB7C2CFE0855}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{3A3C25FB-AC63-9E0A-23D4-52A53DDDA807}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{42858DC5-DE1D-91ED-2788-ECF02B179F10}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{037AB466-8629-B2C7-C357-21816C161F91}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{ABC1588A-96EC-94D8-6DBF-2B82969B05A7}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0341D135-C6D2-9793-2581-57C899A4865A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{8DD2FAA5-8EAE-93A6-402E-AB754E6F5B23}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{B924C2E4-91BA-B52E-EE94-376F26D43A4A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B3A1627D-BF33-8532-BC93-1828CBDC72D6}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{86E1F508-88D1-A0D2-629B-49055DF8EE24}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{CF60ECA0-BF51-E8E7-09EA-3FF2BDBE4B84}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{DAB6C144-ECED-FA3A-0845-9D12D2926C89}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{F2BEBD65-897A-F8AA-D678-E06A6168D4DB}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{23060CA1-30E9-E4CC-2980-7DAD34665A37}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{BFEA14DC-2C71-7301-3FFD-3B4A3D7AC927}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B16E7001-FC5E-D123-CB47-8385ABF32327}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{84711F7D-B9C2-6412-FA6F-78D83B8A888A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1C9A2A2-6E01-F31E-4CDD-4B94E2AA1864}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{CE66D705-0C16-EAFC-BD9E-55EF8115A3DB}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{70E3573A-6245-D27D-6226-058F961A98D0}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B3326959-589E-0979-8074-2449D0D5F4F4}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CyberLink PowerDirector 17 (HKLM-x32\...\{FEAC3AD0-1026-4F63-AAAF-E5CFF422BCCD}) (Version: 17.0.2514.2 - CyberLink Corp.)
CyberLink Screen Recorder 2 (HKLM-x32\...\{FC986EFE-0ACC-44CD-B34F-42C5DCFA7800}) (Version: 2.1.0.4444 - CyberLink Corp.)
Deezer 4.3.4 (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.3.4 - Deezer)
Deezer 4.3.4 (HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.3.4 - Deezer)
Deezer 4.3.4 (HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.3.4 - Deezer)
DxO FilmPack 5 (HKLM\...\{30F13C0B-3D7A-503C-B95E-FA9FFBC0A5BF}) (Version: 5.5.542.0 - DxO Labs)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Drive (HKLM-x32\...\{7A21C722-F259-4976-B7AA-6658E5FDEDAF}) (Version: 1.7.4018.3496 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Imagenomic Portraiture 3 Plug-in (build 3027) (HKLM\...\Portraiture 3_is1) (Version: 3027 - Team V.R)
inPixio Photo Clip 8 (HKLM-x32\...\{65634D2B-B6D1-4B35-B4C9-F3999B8D008B}) (Version: 8.2.0 - InPixio)
IPM_Common_x64 (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.10.442 - Your Company Name) Hidden
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
K-Lite Codec Pack 14.8.8 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP)
Kodi (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Kodi) (Version:  - XBMC Foundation)
Kodi (HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\Kodi) (Version:  - XBMC Foundation)
Kodi (HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\Kodi) (Version:  - XBMC Foundation)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Movie Studio 16.0 Platinum (HKLM\...\{CE89B1A1-2900-11E9-8CF5-E570ED733677}) (Version: 16.0.109 - VEGAS)
Mozilla Firefox 66.0.5 (x64 es-ES) (HKLM\...\Mozilla Firefox 66.0.5 (x64 es-ES)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Nero 2018 (HKLM-x32\...\{DB8EF13D-AD5C-4893-BB41-BD010964E730}) (Version: 19.0.10200 - Nero AG)
Nero 2018 Content Pack 1 (HKLM-x32\...\{ED2B4941-349B-4E16-B339-0D1FF2B7A788}) (Version: 19.0.01300 - Nero AG)
Nero 2018 Content Pack 2 (HKLM-x32\...\{4E3C72F5-9FEF-4380-ABA3-BA670F995538}) (Version: 19.0.01400 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro (HKLM\...\{DED283CF-9FC6-4AC2-9D25-86A5E7740E16}) (Version: 11.0.3.173 - Nitro)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON1 Photo RAW 2018 (HKLM\...\ON1 Photo RAW 2018 PE) (Version: 12.0.0 - ON1)
Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.)
ParticleShop - Core (HKLM\...\{08E7567C-74B3-4956-B575-F55BFCC77C31}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.3 - Corel Corporation) Hidden
Perfectly Clear V3 (x64) (HKLM\...\{9851DFD9-53C7-4D04-AB9D-641293902873}) (Version: 3.5.4.1118 - Athentech Imaging)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
Pinnacle Studio 22 (HKLM\...\{74D19994-F843-4BFE-9850-18DFFC8A1056}) (Version: 22.1.0.246 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Registro de usuario de Canon MP190 series (HKLM-x32\...\Registro de usuario de Canon MP190 series) (Version:  - )
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Songr (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Spotify) (Version: 1.1.5.153.gf614956d - Spotify AB)
Spotify (HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\Spotify) (Version: 1.1.3.259.g8172f63a - Spotify AB)
Spotify (HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\Spotify) (Version: 1.1.3.259.g8172f63a - Spotify AB)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Uninstall Megadede (HKLM\...\428792f5-75f6-56a9-bc54-ed4a7f639ad5) (Version: 1.0.7 - FjRamírez)
VEGAS Pro 16.0 (HKLM\...\{D19FC640-615E-11E9-BD59-00155D6302F2}) (Version: 16.0.424 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.0.8) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Free Video Converter(Build 10.1.0.9) (HKLM-x32\...\Free Video Converter_is1) (Version: 10.1.0.9 - Wondershare Software)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 8.7.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.7.0.5 - Wondershare Software)

Packages:
=========
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2019-05-15] (Extensiones de plataforma de Microsoft)
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions)
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2019-05-15] (m1df_mmengesha)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2019-05-15] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2019-05-15] (M1DF_Mmengesha)
Test_FrameworkProd_062215_01 -> C:\Program Files\WindowsApps\50856m1dfLL.TestFrameworkProd06221501_1.0.0.10_neutral__nwcxtg9ehxpvt [2019-05-15] (m1df_lucyll)
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2019-05-15] (vasetest101)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1604764725-3681772004-1819303514-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-06 19:11 - 2017-09-06 19:11 - 000125952 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000086528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000214528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-04-01 19:49 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-03-14 19:11 - 2012-06-09 12:33 - 000053248 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2019-03-14 19:10 - 2011-04-01 08:52 - 000403456 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2019-04-14 23:28 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-04-14 23:28 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-01-17 12:24 - 2012-01-17 12:24 - 000055296 _____ () [File not signed] C:\Windows\SysWOW64\ASGT.exe
2019-04-15 22:45 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2017-07-04 18:02 - 2017-07-04 18:02 - 000121856 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
2017-07-04 18:18 - 2017-07-04 18:18 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2019-03-14 19:10 - 2012-11-02 12:28 - 000114688 ____R (AVerMedia TECHNOLOGIES, Inc) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\A825.dll
2019-03-14 19:10 - 2010-08-09 15:59 - 000118784 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\AVERAPI.dll
2019-03-14 19:10 - 2012-08-31 09:07 - 000110592 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-03-14 19:10 - 2011-07-21 04:40 - 000368640 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2019-03-14 19:10 - 2011-08-19 08:43 - 000360448 ____R (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
2017-12-07 03:12 - 2019-03-15 22:47 - 009948024 _____ (Nero AG -> Nero AG) [File not signed] C:\Program Files (x86)\Common Files\Nero\AdvrCntr6\AdvrCntr6.dll
2019-04-01 19:49 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-04-14 23:28 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-15 23:24 - 2019-03-26 20:31 - 000001055 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 platform.wondershare.com
127.0.0.1 tools.avanquest.com
127.0.0.1 api.avanquest.com
127.0.0.1 www.avanquest.com
0.0.0.0                   telemetry.malwarebytes.com
0.0.0.0                   telemetry.mwbsys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Antonio\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\copiaaaa.jpgsssssssssssssssssss.jpg
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\SANDRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\ARACELI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "AVer HID Receiver.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AVerQuick.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{55DE0ABF-19C3-4304-99C3-E7EBA1DEE451}] => (Allow) C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2864DF4B-EEC6-45B3-A65D-38D85D55D123}] => (Allow) C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F9702EBA-E1F6-4750-91E6-187613848D81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E2FCC257-224C-446F-AEE0-DCCD5D7B75A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9B7993B0-43CA-4ABE-BD48-A06A7A5BEF78}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AC7E9C3-2FE0-467E-8E2C-89F3AB2CAD03}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{960C4DC3-B8CF-4D3D-A608-F5F6D0D583C0}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{368F28BA-207C-43AF-AF78-34790F1C35BD}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{263B0FCD-EC23-4A5F-BC45-7684BF321AF0}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{61D88A05-7AF6-4E46-B01F-E04B9663566B}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5CDA9DCB-545C-4DB3-8242-C6863CE25378}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{5ED080FF-74F3-4585-BF45-A55104A82FF6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{936DE4DF-3783-4B35-B904-6704E2248F5B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{7A7B4937-B33D-4ECA-B2F3-48AD1747A608}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{3CE8A469-9D54-491C-8021-F138E4A2122A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{F78C0EC0-DAB7-4E49-B765-4F2CDA05F26F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{99A9E555-6DBC-4630-8B76-5A08787772A2}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{130E865F-7DCC-4B93-BB0C-3207A899FD43}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{DCA7600B-4287-4028-8543-F27D838493BE}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{BC897EFB-165E-4D53-9D5A-D2EC13415B59}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{CBA5ED0D-6023-4D64-9778-9F2591DFD67E}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{CFC0EE10-08EA-440F-93D4-40B587E80EBF}] => (Allow) C:\Program Files\Pinnacle\Studio 22\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [TCP Query User{307EDDF8-DFF8-4936-9636-ADF25AB58CA0}C:\users\antonio\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\antonio\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{28A8F4D8-3BCD-4371-B2FC-9371451462A2}C:\users\antonio\appdata\local\programs\deezer.desktop\deezer.exe] => (Allow) C:\users\antonio\appdata\local\programs\deezer.desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [TCP Query User{4D0C0B24-BCB5-4D33-B13D-753059FB0354}C:\program files\megadede\megadede.exe] => (Block) C:\program files\megadede\megadede.exe (FjRamírez) [File not signed]
FirewallRules: [UDP Query User{9B3198B3-E24E-4D0F-8FCD-7B59880DA629}C:\program files\megadede\megadede.exe] => (Block) C:\program files\megadede\megadede.exe (FjRamírez) [File not signed]
FirewallRules: [TCP Query User{EF735B6A-D065-4119-9A88-9E3341426064}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DE6D81DF-46AD-4FB3-8B6D-81E00177BBBD}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{7421DC97-0873-46E6-AF07-B3A0E92A3F9D}C:\program files\on1\on1 photo raw 2018\on1 photo raw 2018.exe] => (Block) C:\program files\on1\on1 photo raw 2018\on1 photo raw 2018.exe (ON1, Inc. -> ON1, Inc.)
FirewallRules: [UDP Query User{58D4C863-511A-43A8-A267-D3894D8B3E48}C:\program files\on1\on1 photo raw 2018\on1 photo raw 2018.exe] => (Block) C:\program files\on1\on1 photo raw 2018\on1 photo raw 2018.exe (ON1, Inc. -> ON1, Inc.)
FirewallRules: [TCP Query User{DE044FDA-2ED7-49BA-B6A9-2F8C298AE19C}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe () [File not signed]
FirewallRules: [UDP Query User{759C2797-F2D8-444E-ABD3-0406A821BFA3}C:\program files\megadownloader\megadownloader.exe] => (Allow) C:\program files\megadownloader\megadownloader.exe () [File not signed]
FirewallRules: [{C7A62E74-279D-4110-98BD-28946B0A1B31}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [{6DB2FE16-CA07-4EF4-A62A-CF4CC652DB73}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [TCP Query User{0DF69DAF-6CA3-43B4-BF16-4DC64B619083}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{4C568C53-068E-491C-8E08-D09B48E95C58}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{9BB4B419-3E75-4CBB-8A3A-CDA79219FD0A}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9E80B001-FB59-4027-8619-993F0983BDF2}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{BA708A74-0CD9-4F17-A6DB-745AC1781578}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{27932910-BD39-4616-A993-2D27E7D163B3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{4B35C46F-E863-4AD7-9DFB-B6E1D8E512F9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{943527C7-FD34-4159-85F2-F541C28BD476}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{1325BFB1-1D7D-43C5-AEF3-DEB9178A2D6A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{1D370830-1BFB-425B-8771-0B209AC5ABFA}] => (Allow) C:\Users\Antonio\AppData\Local\Temp\DriverPack-20190515221303\tools\aria2c.exe () [File not signed]

==================== Restore Points =========================

05-05-2019 09:53:09 Punto de control programado
15-05-2019 22:17:09 DriverPack 17.10.13
15-05-2019 23:08:14 Operación de restauración

==================== Faulty Device Manager Devices =============

Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2019 08:09:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa IEXPLORE.EXE, versión 11.0.9600.17416, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 14d4

Hora de inicio: 01d50d9a5550058e

Hora de finalización: 92

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Identificador de informe: 0b2eb310-7998-11e9-8273-382c4a45b3c9

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (05/17/2019 11:18:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "c:\program files (x86)\Nero\nero 2018\nero recode\NMTvWizard.exe.Manifest". Error en el archivo de manifiesto o directiva "c:\program files (x86)\Nero\nero 2018\nero recode\PTT\PTT.MANIFEST" en la línea 3.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es PTT,processorArchitecture="x86",type="win32",version="19.1.0.0".
La definición es PTT,processorArchitecture="x86",type="win32",version="19.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (05/17/2019 11:08:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "c:\program files (x86)\Nero\nero 2018\nero recode\NMTvWizard.exe.Manifest". Error en el archivo de manifiesto o directiva "c:\program files (x86)\Nero\nero 2018\nero recode\PTT\PTT.MANIFEST" en la línea 3.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es PTT,processorArchitecture="x86",type="win32",version="19.1.0.0".
La definición es PTT,processorArchitecture="x86",type="win32",version="19.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (05/16/2019 10:01:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa DotNet.exe, versión 0.0.0.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1b64

Hora de inicio: 01d50c221f5f5056

Hora de finalización: 4294967295

Ruta de acceso de la aplicación: C:\Users\Antonio\AppData\Roaming\DRPsu\PROGRAMS\DotNet.exe

Identificador de informe: 6ae49e00-7815-11e9-8273-382c4a45b3c9

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (05/15/2019 11:23:07 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2019 11:08:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (05/15/2019 11:07:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa Explorer.EXE, versión 6.3.9600.17415, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: df8

Hora de inicio: 01d50b613e283653

Hora de finalización: 4294967295

Ruta de acceso de la aplicación: C:\Windows\Explorer.EXE

Identificador de informe: 06c96e55-7755-11e9-8275-74d435b1ed6c

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (05/15/2019 11:00:29 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/18/2019 08:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 70.

Error: (05/18/2019 08:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 70.

Error: (05/18/2019 08:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 70.

Error: (05/18/2019 08:10:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 70.

Error: (05/18/2019 07:30:00 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/18/2019 06:59:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 20.

Error: (05/15/2019 11:27:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Wondershare Application Framework Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/15/2019 11:27:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Avast Cleanup Premium no respondió después de iniciar.


Windows Defender:
===================================
Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Sistema de inspección de la red
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Supervisión de comportamiento
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: En acceso
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:28:52.599
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Sistema de inspección de la red
Código del error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:23:33.925
Description: 
Windows Defender ha encontrado un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.155.266.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: Antivirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.9700.0
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F7 11/25/2014
Motherboard: Gigabyte Technology Co., Ltd. F2A88XM-D3H
Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 35%
Total physical RAM: 7111.27 MB
Available physical RAM: 4557.25 MB
Total Virtual: 14279.27 MB
Available Virtual: 10556.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:606.83 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:934.07 GB) (Free:297.75 GB) NTFS
Drive f: (Nuevo vol) (Fixed) (Total:928.85 GB) (Free:166.7 GB) NTFS
Drive g: (Inglés_def_Prin) (CDROM) (Total:0.54 GB) (Free:0 GB) UDF

\\?\Volume{e3493422-4672-11e9-824e-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 534337B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=934.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=928.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9954B94F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#4

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-05.2019
Ran by Antonio (administrator) on MIPC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (18-05-2019 20:42:41)
Running from C:\Users\Antonio\Downloads
Loaded Profiles: Antonio & SANDRA & ARACELI (Available Profiles: Antonio & SANDRA & ARACELI)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Español (España, internacional)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
() [File not signed] C:\Windows\SysWOW64\ASGT.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\BackItUp.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-25] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-13] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1162104 2017-12-15] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\Video Converter Free\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-06-12] (Wondershare software CO., LIMITED -> )
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2018-08-30] (proDAD GmbH -> proDAD GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-04-01]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine.lnk [2019-04-01]
ShortcutTarget: Avast SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2019-03-14]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2019-03-14]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0360D1E6-040F-4E10-B872-A6730280F65B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {10414231-1EB6-4716-8463-ECA206E20F4A} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640 2013-08-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {312BA37B-A621-4E64-A58E-C18B1756C294} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-14] (Google Inc -> Google Inc.)
Task: {315C7DB5-03E0-4C28-95EF-4EF158357F58} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
Task: {344198BD-A8A5-4BB7-83D3-EA574AFA829A} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6885240 2017-08-10] (Nero AG -> Nero AG)
Task: {6E522A61-304D-4D51-954D-F53C4D0EDB72} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A1EF29-B1CB-4C2F-95DE-E228859E1743} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75350FE6-E8F4-472D-BA3A-4A3AC6C6CB52} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9664FEFC-4FD3-4FB8-BB33-E14020AA5349} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-14] (Adobe Inc. -> Adobe)
Task: {9AA20150-3ACA-49AE-8F41-6B22232C3DB1} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {A507EB3E-F105-4E22-9DD4-F42BD16A54A2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {B1197BE6-8758-4105-B3CA-AEC93C47D999} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1662200 2019-02-27] (Corel Corporation -> Corel Corporation)
Task: {BE875EB4-932D-4F76-A7C9-154F597F8E52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-14] (Google Inc -> Google Inc.)
Task: {C0B0DD2D-7475-41FB-A380-850131194EB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C35320FB-5BFB-4DDC-986B-BE0BB01F1143} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {C7CB2E15-B45F-4A5A-9F8D-017F41BAD02D} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1389392 2019-04-02] (AVAST Software s.r.o. -> AVAST Software)
Task: {D0B98801-6485-4332-9F68-0EE462363489} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9689862-A0DA-4AF0-B079-94E653460692} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E1319E49-D80E-4118-81C9-96D9D80EE832} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-03-12] () [File not signed]
Task: {E46C97A6-F31B-4C00-8EA8-D13C3BE46E55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0F14130E-93B6-4A86-89E0-05486040DB39}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10868FF7-190E-4D54-B652-2BCAC718F495}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-03-14] (Google Inc -> Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-03-14] (Google Inc -> Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-03-14] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-03-14] (Google Inc -> Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: as0l3of6.default
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default [2019-05-18]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-05-12]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-04-29]
FF Extension: (bet365fullScreen) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\{053805b7-2184-40fe-aef3-578d02739b05}.xpi [2019-04-27]
FF Extension: (FC Barcelona v2) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\{39df96ce-acbd-420f-bc71-14807e5f4774}.xpi [2019-03-18]
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2019-03-15] ( ) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default [2019-05-18]
CHR Extension: (Presentaciones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-14]
CHR Extension: (Documentos) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-14]
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-14]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-14]
CHR Extension: (Dolphins) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\comjiiebdbhpfpdiehcaielmdjlmhplp [2019-03-19]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-18]
CHR Extension: (Hojas de cálculo) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-14]
CHR Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (PlayTo para Chromecast™) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2019-03-31]
CHR Extension: (Player para ver Movistar+) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-14]
CHR Extension: (Gmail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [543112 2017-07-05] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [373416 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
S4 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S4 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10227280 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG -> Nero AG)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-04-06] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-04-06] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2019-03-15] (Photodex Corporation -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6688232 2019-03-28] (AVAST Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Free\Transfer\DriverInstall.exe [107624 2018-12-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [36562312 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [520584 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [80640 2013-07-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [25344 2013-07-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [254128 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320624 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57888 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166848 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [526376 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1031000 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [476776 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [220640 2019-04-16] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385848 2019-04-24] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 etdrv; C:\Windows\etdrv.sys [25640 2019-05-11] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2019-05-11] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2019-05-11] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-17] (Malwarebytes Corporation -> Malwarebytes)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-18 20:42 - 2019-05-18 20:43 - 000032955 _____ C:\Users\Antonio\Downloads\FRST.txt
2019-05-18 20:42 - 2019-05-18 20:42 - 000000000 ____D C:\FRST
2019-05-18 20:29 - 2019-05-18 20:29 - 028202640 _____ (AMD Inc.) C:\Users\Antonio\Downloads\radeon-software-adrenalin-2019-19.5.1-minimalsetup-190513_web.exe
2019-05-18 20:15 - 2019-05-18 20:42 - 000001445 _____ C:\Users\Antonio\Desktop\FRST64.exe - Acceso directo.lnk
2019-05-18 20:14 - 2019-05-18 20:15 - 002435072 _____ (Farbar) C:\Users\Antonio\Downloads\FRST64.exe
2019-05-18 18:24 - 2019-05-18 18:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-05-17 23:43 - 2019-05-17 23:43 - 000002227 _____ C:\Users\Antonio\Desktop\Malwarebytes.txt
2019-05-16 22:08 - 2019-05-16 22:08 - 000137665 _____ C:\Users\Antonio\Desktop\reg-20190518-catsub18aladmesos.pdf
2019-05-15 22:25 - 2019-05-15 22:36 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\360WD
2019-05-15 22:25 - 2019-05-15 22:25 - 000000000 ____D C:\ProgramData\360safe
2019-05-15 22:24 - 2019-05-15 22:52 - 000000000 _RSHD C:\360SANDBOX
2019-05-15 22:23 - 2019-05-15 22:25 - 000000000 ____D C:\ProgramData\360TotalSecurity
2019-05-15 22:23 - 2019-05-15 22:23 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\360TotalSecurity
2019-05-15 22:23 - 2019-05-15 22:23 - 000000000 ____D C:\Program Files (x86)\360
2019-05-15 22:15 - 2014-09-10 18:14 - 000163480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 001070232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000660120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000222360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2019-05-15 22:15 - 2013-11-25 15:27 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL
2019-05-15 22:15 - 2013-11-25 15:27 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2019-05-15 22:15 - 2013-11-25 15:27 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2019-05-15 22:15 - 2011-01-12 21:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2019-05-15 22:15 - 2011-01-12 21:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2019-05-15 22:15 - 2008-04-15 14:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2019-05-15 22:15 - 2006-08-25 22:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2019-05-15 22:15 - 1996-01-12 02:00 - 000935632 _____ (Microsoft Corporation) C:\Windows\system\Vb40016.dll
2019-05-15 22:15 - 1996-01-12 02:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2019-05-15 22:15 - 1994-11-17 23:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2019-05-15 22:15 - 1993-05-11 19:00 - 000398416 _____ (Microsoft Corporation) C:\Windows\system\Vbrun300.dll
2019-05-15 22:15 - 1992-10-21 00:00 - 000356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2019-05-15 22:15 - 1991-05-10 01:00 - 000271264 _____ C:\Windows\system\vbrun100.dll
2019-05-15 22:14 - 2019-05-15 22:14 - 000000000 ____D C:\Users\Antonio\.cache
2019-05-15 22:13 - 2019-05-15 22:14 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\DRPSu
2019-05-15 22:08 - 2019-05-15 22:08 - 005291792 _____ (Device Doctor Software Inc. ) C:\Users\Antonio\Downloads\DeviceDoctor_Bundle.exe
2019-05-15 21:54 - 2019-05-15 21:54 - 001010720 _____ (Slimware Utilities Holdings, Inc.) C:\Users\Antonio\Downloads\avastdriverupdater.exe
2019-05-15 21:53 - 2019-05-15 21:53 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-15 21:52 - 2019-05-15 21:53 - 021315608 _____ (Piriform Software Ltd) C:\Users\Antonio\Downloads\ccsetup557.exe
2019-05-15 16:56 - 2019-05-15 16:57 - 000000000 ____D C:\Users\SANDRA\AppData\LocalLow\Adobe
2019-05-14 23:02 - 2019-05-14 23:02 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\uTorrent
2019-05-12 22:43 - 2019-05-17 23:31 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-11 18:45 - 2019-05-11 18:45 - 007025360 _____ (Malwarebytes) C:\Users\Antonio\Downloads\adwcleaner_7.3.exe
2019-05-11 11:14 - 2019-05-11 11:14 - 000281208 _____ C:\Windows\Minidump\051119-204953-01.dmp
2019-05-11 11:14 - 2019-05-11 11:14 - 000000000 ____D C:\Windows\Minidump
2019-05-11 11:11 - 2019-05-11 11:11 - 774169014 _____ C:\Windows\MEMORY.DMP
2019-05-10 23:49 - 2019-05-10 23:50 - 000650240 _____ C:\Users\Antonio\Downloads\Liquidación dietes (1) (1).xls
2019-05-10 23:49 - 2019-05-10 23:49 - 000650240 _____ C:\Users\Antonio\Downloads\Liquidación dietes (1).xls
2019-05-06 21:28 - 2019-05-11 09:41 - 000000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2019-05-04 17:50 - 2019-05-04 17:50 - 000016814 _____ C:\Users\Antonio\Downloads\1544389588-Solo [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2019-05-03 18:25 - 2019-05-03 18:25 - 000020574 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x06) (2).torrent
2019-05-03 18:25 - 2019-05-03 18:25 - 000019507 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x05) (3).torrent
2019-05-03 18:17 - 2019-05-03 18:17 - 000018659 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x04 (2).torrent
2019-05-03 18:16 - 2019-05-03 18:16 - 000019527 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_4x04.torrent
2019-05-03 18:09 - 2019-05-03 18:09 - 000017308 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x04-jwAow (2).torrent
2019-05-02 22:30 - 2019-05-02 22:30 - 000011803 _____ C:\Users\Antonio\Downloads\1556730519-La Gaviota [1080p][Castellano][wWw.EliteTorrent.IO] (1).torrent
2019-05-02 22:30 - 2019-05-01 11:45 - 000000000 ____D C:\Users\Antonio\Downloads\M4G1X2K19.AP.ZENTINELS
2019-05-02 22:29 - 2019-05-02 22:30 - 573849274 _____ C:\Users\Antonio\Downloads\M4G1X2K19.AP.ZENTINELS.rar
2019-05-02 22:29 - 2019-05-02 22:30 - 000011803 _____ C:\Users\Antonio\Downloads\1556730519-La Gaviota [1080p][Castellano][wWw.EliteTorrent.IO].torrent
2019-05-01 16:35 - 2019-05-01 16:35 - 000017308 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x04-jwAow (1).torrent
2019-05-01 16:34 - 2019-05-01 16:34 - 000016748 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x10-i82NE (2).torrent
2019-05-01 16:33 - 2019-05-01 16:33 - 000016748 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x10-i82NE (1).torrent
2019-05-01 16:29 - 2019-05-01 16:29 - 000021007 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x13) (2).torrent
2019-05-01 16:28 - 2019-05-01 16:28 - 000019507 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x05) (2).torrent
2019-05-01 16:25 - 2019-05-01 16:25 - 000020627 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x04) (2).torrent
2019-05-01 11:03 - 2019-05-01 11:03 - 000020827 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(2x13) (1).torrent
2019-05-01 11:03 - 2019-05-01 11:03 - 000020267 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(2x04) (1).torrent
2019-05-01 11:03 - 2019-05-01 11:03 - 000019727 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(2x10) (1).torrent
2019-05-01 11:03 - 2019-05-01 11:03 - 000019707 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(2x06) (1).torrent
2019-05-01 11:03 - 2019-05-01 11:03 - 000019447 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(2x08) (1).torrent
2019-05-01 11:02 - 2019-05-01 11:02 - 000020187 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x07) (2).torrent
2019-05-01 10:59 - 2019-05-01 10:59 - 000020887 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x03) (2).torrent
2019-05-01 10:59 - 2019-05-01 10:59 - 000020247 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x02) (2).torrent
2019-05-01 10:46 - 2019-05-01 10:46 - 000022147 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x12) (2).torrent
2019-05-01 10:46 - 2019-05-01 10:46 - 000020807 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x10) (2).torrent
2019-05-01 10:46 - 2019-05-01 10:46 - 000020527 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x11) (2).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000022147 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x12) (1).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000021707 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x01) (1).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000020887 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x03) (1).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000020807 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x10) (1).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000020527 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x11) (1).torrent
2019-04-28 23:00 - 2019-04-28 23:00 - 000020247 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x02) (1).torrent
2019-04-28 13:03 - 2019-04-28 13:03 - 000019179 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x06 (1).torrent
2019-04-28 13:03 - 2019-04-28 13:03 - 000018659 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x04 (1).torrent
2019-04-28 13:03 - 2019-04-28 13:03 - 000015518 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x06_720p (1).torrent
2019-04-28 13:03 - 2019-04-28 13:03 - 000013638 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x04_720p (1).torrent
2019-04-28 12:08 - 2019-04-28 12:08 - 000015518 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x06_720p.torrent
2019-04-28 12:08 - 2019-04-28 12:08 - 000013638 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x04_720p.torrent
2019-04-28 12:01 - 2019-04-28 12:01 - 000018159 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x05 (1).torrent
2019-04-28 12:00 - 2019-04-28 12:00 - 000019679 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x01 (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000022107 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x08) (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000021007 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x13) (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000020627 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x04).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000020574 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x06) (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000020187 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x07) (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000019547 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x09) (2).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000019547 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x09) (1).torrent
2019-04-28 11:55 - 2019-04-28 11:55 - 000019507 _____ C:\Users\Antonio\Downloads\Criadas-Y-Malvadas-(1x05) (1).torrent
2019-04-28 11:45 - 2019-04-28 11:45 - 000001309 _____ C:\Users\Antonio\Desktop\Wondershare Video Converter Ultimate - Acceso directo.lnk
2019-04-28 11:42 - 2019-04-28 11:42 - 000019679 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x01.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000019419 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x03.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000019319 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x12.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000019179 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x06.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000018659 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x04.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000018579 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x09.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000018239 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x13.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000018159 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x05.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000018139 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x07.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000017959 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x11.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000017925 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x08.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000016879 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x10.torrent
2019-04-28 11:42 - 2019-04-28 11:42 - 000012085 _____ C:\Users\Antonio\Downloads\Criadas_y_Malvadas_1x02.torrent
2019-04-28 00:00 - 2019-04-28 00:00 - 000317263 _____ C:\Users\Antonio\Downloads\FC5-GE1.2.0-www.gamesfull.org.torrent
2019-04-27 20:33 - 2019-04-27 20:34 - 000016528 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x06-MTL9k (1).torrent
2019-04-27 20:33 - 2019-04-27 20:33 - 000018228 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x02-8t9yv (1).torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000020788 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x01-kqbof.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000018228 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x02-8t9yv.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000017334 _____ C:\Users\Antonio\Downloads\criadas-y-senoras-bdrip-I9Gbo.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000017308 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x04-jwAow.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000017128 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x03-RaYI3.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000017128 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x03-RaYI3 (1).torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000016528 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x06-MTL9k.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000016500 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x07-corregida-pilG3.torrent
2019-04-27 09:59 - 2019-04-27 09:59 - 000015888 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x05-peDDH.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000020790 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x05-Jzz08.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000020710 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x07-cT5BD.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000020570 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x04-6etIf.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000020010 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x01-FxBub.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000019670 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x03-6VGJz.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000019230 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x02-KyYWb.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000019130 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x08-XhQbc.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000017928 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x12-9oiWb.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000017614 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x13-final-Pby7l.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000017388 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x08-RSn2q.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000016748 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x10-i82NE.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000015128 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x09-l3Ga6.torrent
2019-04-27 09:58 - 2019-04-27 09:58 - 000015048 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-1x11-A5vJd.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000021390 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x13-fnkJ5.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000020907 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x04-tXm7S.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000020430 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x11-rQxmW.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000020206 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x12-qfHp3.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000020010 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x09-KJVxw.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000019510 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-2x10-4Iy2X.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000012305 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x01-6dlAT.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011545 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x03-cia2C.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011525 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x07-F9PQp.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011445 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x06-gvN85.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011265 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x09-QdzjV.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011265 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x05-NLFP7.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011245 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x08-5Uf1J.torrent
2019-04-27 09:57 - 2019-04-27 09:57 - 000011245 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x02-PzfBp.torrent
2019-04-27 09:56 - 2019-04-27 09:56 - 000012071 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x13-final-Ekwza.torrent
2019-04-27 09:56 - 2019-04-27 09:56 - 000011845 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x10-6xr17.torrent
2019-04-27 09:56 - 2019-04-27 09:56 - 000011645 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x11-fz8KO.torrent
2019-04-27 09:56 - 2019-04-27 09:56 - 000011385 _____ C:\Users\Antonio\Downloads\criadas-y-malvadas-3x12-CznD8.torrent
2019-04-27 09:40 - 2019-04-27 09:40 - 000000000 ____D C:\Users\Antonio\Desktop\SERIE CONVERTIDA CLAUDIA
2019-04-24 22:30 - 2019-04-24 22:30 - 000526376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-04-24 22:30 - 2019-04-16 20:47 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-24 22:28 - 2019-02-02 20:20 - 000000420 _____ C:\Users\Antonio\Downloads\Licencias Avast 2031 - 2027.txt
2019-04-24 22:27 - 2019-04-24 22:27 - 000000437 _____ C:\Users\Antonio\Downloads\LIAVAS02022019TEX.zip
2019-04-22 22:02 - 2019-05-14 23:26 - 000000000 ____D C:\Users\Antonio\Documents\AVerTV
2019-04-22 18:49 - 2019-04-22 18:49 - 021254208 _____ (Piriform Software Ltd) C:\Users\Antonio\Downloads\ccsetup556.exe
2019-04-22 18:49 - 2019-04-22 18:49 - 021254208 _____ (Piriform Software Ltd) C:\Users\Antonio\Downloads\ccsetup556 (1).exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-18 20:29 - 2017-12-06 17:58 - 000000000 ____D C:\AMD
2019-05-18 19:58 - 2019-04-14 23:02 - 000003160 _____ C:\Windows\System32\Tasks\StartCN
2019-05-18 19:58 - 2019-04-07 17:56 - 000003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E13BE95-8306-4E60-ABFB-E56CE4953DB4}
2019-05-18 19:58 - 2019-04-07 17:42 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1005
2019-05-18 19:58 - 2019-04-07 17:40 - 000003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C7B2D966-2BC4-48CA-A8CC-1F6E4B82591C}
2019-05-18 19:58 - 2019-03-27 15:10 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1004
2019-05-18 19:58 - 2019-03-14 23:43 - 000003312 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2019-05-18 19:58 - 2019-03-14 21:23 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-18 19:58 - 2019-03-14 21:23 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-18 19:58 - 2019-03-14 19:29 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-18 19:58 - 2019-03-14 19:29 - 000004332 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-18 19:58 - 2019-03-14 18:30 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-18 19:58 - 2019-03-14 18:30 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-18 19:58 - 2019-03-14 18:29 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-05-18 19:58 - 2019-03-14 18:26 - 000003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{72FB9F73-6B55-4709-9C43-AD367EB53D48}
2019-05-18 18:24 - 2019-03-14 18:26 - 000000000 __RDO C:\Users\Antonio\OneDrive
2019-05-18 18:24 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-05-17 23:07 - 2019-03-14 18:36 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-05-17 23:07 - 2019-03-14 18:36 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-17 23:07 - 2019-03-14 18:36 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-05-17 23:07 - 2019-03-14 18:25 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1001
2019-05-16 22:23 - 2019-03-16 17:46 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-15 23:28 - 2019-04-01 10:05 - 000000000 ____D C:\Users\ARACELI
2019-05-15 23:24 - 2019-03-14 18:19 - 000000000 ____D C:\Users\Antonio
2019-05-15 23:23 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-15 23:20 - 2019-03-14 18:35 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-05-15 23:19 - 2019-04-14 22:55 - 000000000 ____D C:\Program Files\AMD
2019-05-15 23:19 - 2019-04-07 20:50 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-05-15 23:19 - 2019-03-27 15:02 - 000000000 ____D C:\Users\SANDRA
2019-05-15 23:19 - 2019-03-17 15:07 - 000000000 ____D C:\Program Files\Megadede
2019-05-15 23:19 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\System
2019-05-15 23:17 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-15 23:12 - 2019-04-07 18:50 - 000000000 ____D C:\Windows\LastGood
2019-05-15 23:12 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\registration
2019-05-15 22:13 - 2019-03-15 13:23 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Nitro
2019-05-15 17:05 - 2014-11-21 01:03 - 001743360 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-15 17:05 - 2014-11-21 00:21 - 000774740 _____ C:\Windows\system32\perfh00A.dat
2019-05-15 17:05 - 2014-11-21 00:21 - 000159266 _____ C:\Windows\system32\perfc00A.dat
2019-05-15 16:59 - 2019-03-16 17:45 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 16:56 - 2019-03-27 15:05 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Adobe
2019-05-15 16:56 - 2019-03-27 15:02 - 000000000 ____D C:\Users\SANDRA\AppData\Roaming\Adobe
2019-05-14 23:26 - 2019-03-14 19:20 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\uTorrent
2019-05-14 23:08 - 2019-03-14 18:31 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 18:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 18:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-12 23:32 - 2019-03-14 20:51 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Mozilla
2019-05-12 22:43 - 2019-04-02 21:00 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-11 11:38 - 2019-04-15 22:45 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2019-05-11 09:41 - 2019-04-07 20:47 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2019-05-11 09:41 - 2019-03-14 18:44 - 000030528 _____ C:\Windows\GVTDrv64.sys
2019-05-11 09:41 - 2019-03-14 18:44 - 000025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2019-05-10 23:50 - 2019-03-14 18:19 - 000000000 ____D C:\Users\Antonio\AppData\Local\Packages
2019-05-09 21:33 - 2019-04-13 20:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-09 21:33 - 2019-03-14 20:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-08 22:37 - 2019-03-26 00:16 - 000000000 ____D C:\Users\Antonio\AppData\Local\BitTorrentHelper
2019-05-08 22:00 - 2019-03-14 20:51 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-07 20:39 - 2019-03-14 19:14 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-05-07 20:39 - 2019-03-14 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-05-07 20:39 - 2019-03-14 19:14 - 000000000 ____D C:\Program Files\WinRAR
2019-05-06 23:20 - 2019-03-14 23:22 - 000000000 ____D C:\Users\Antonio\AppData\Local\Spotify
2019-05-06 22:02 - 2019-03-14 23:22 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Spotify
2019-05-06 17:45 - 2019-03-27 15:02 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Packages
2019-05-06 17:43 - 2019-03-27 15:03 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Google
2019-05-05 22:00 - 2019-03-14 19:59 - 000000000 ____D C:\Users\Antonio\AppData\Local\CrashDumps
2019-05-05 20:52 - 2019-03-15 18:23 - 000000000 ___RD C:\Users\Antonio\Desktop\FOTO Y VIDEO
2019-05-04 23:48 - 2019-04-01 19:50 - 000004180 _____ C:\Windows\System32\Tasks\Avast SecureLine Update
2019-05-04 23:48 - 2019-04-01 19:49 - 000004194 _____ C:\Windows\System32\Tasks\Avast Cleanup Update
2019-05-03 19:20 - 2019-03-14 19:14 - 000003278 _____ C:\Windows\System32\Tasks\klcp_update
2019-05-02 22:38 - 2019-03-14 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-05-02 22:35 - 2019-03-14 22:45 - 000000000 ____D C:\ProgramData\VEGAS
2019-05-02 22:34 - 2019-03-14 22:42 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Sony
2019-05-01 10:31 - 2019-03-21 23:00 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\MPC-HC
2019-04-27 16:25 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2019-04-24 22:31 - 2019-03-31 22:27 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-24 22:31 - 2019-03-31 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-04-24 22:31 - 2019-03-31 22:26 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-24 22:31 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2019-04-24 21:53 - 2019-03-15 18:23 - 000000000 ____D C:\Users\Antonio\Desktop\ACCESOS
2019-04-22 22:06 - 2019-03-14 19:13 - 000000000 ____D C:\ProgramData\AVerTV 3D
2019-04-21 13:32 - 2019-03-27 15:08 - 000000000 ____D C:\Users\SANDRA\AppData\Roaming\AVAST Software

==================== Files in the root of some directories =======

2019-03-14 23:49 - 2019-03-16 17:09 - 000000779 _____ () C:\Users\Antonio\AppData\Roaming\MIPC.MTBF.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-12 21:30
==================== End of FRST.txt ============================

Thank you very much for your help. Regards.

#5

Hello @caballoblanco1963

You ran FRST from the wrong location:

Running from C:\Users\Antonio\Downloads

Cut the executable from the Downloads folder and paste it onto the desktop.

Then follow these steps:

1.- Very important >>> Make a backup of your Registry.

  • Download DelFix to the Windows desktop.
  • Right-click it, “Run as administrator”.
  • In the main window, tick only the “Create Registry Backup” box.
  • Click Run.

When it finishes, a report named DelFix.txt will open; save it in case it is needed and close the tool…

2.- Temporarily disable your antivirus.

3.- Open a new Notepad file and copy and paste this content:


Start
CloseProcesses:
CreateRestorePoint:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-05-15 22:13 - 2019-05-15 22:14 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\DRPSu
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

  • Save it under the name fixlist.txt on the desktop <<< This is very important.

Note: The Frst.exe executable and fixlist.txt must be in the same location (the desktop); otherwise the tool will not work.

  • Run Frst.exe.
  • Press the Fix button and wait for it to finish.
  • The tool will save the report on your desktop (Fixlog.txt).
  • Paste it in your next reply.

Let us know.

Regards.
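
Once the fix has run, the Fixlog.txt it produces can be reconciled against the fixlist before anyone declares the machine clean. The following is an added example, not part of the original post and not FRST's own code: the function names are hypothetical, and the parsing rules are assumptions drawn only from the Fixlog layout visible in this thread (a fixlist block between asterisk lines, `target => outcome` result lines, and `=========` headers around each CMD).

```python
import re

# Constructed sample, shortened from the Fixlog posted in this thread. The
# "not found" outcome and the absent "netsh winsock reset" section are
# constructed here to exercise the failure paths.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Antonio (19-05-2019 19:24:38) Run:1
Running from C:\Users\Antonio\Desktop
==============================================

fixlist content:
*****************
Start
CloseProcesses:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
2019-05-15 22:13 - 2019-05-15 22:14 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\DRPSu
CMD: ipconfig /flushdns
CMD: netsh winsock reset
END
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
C:\Users\Antonio\AppData\Roaming\DRPSu => not found

========= ipconfig /flushdns =========

========= End of CMD: =========
'''


def parse_fixlog(text):
    """Split a Fixlog into its fixlist directives, result lines and CMD sections."""
    lines = [ln.rstrip() for ln in text.splitlines()]
    stars = [i for i, ln in enumerate(lines) if ln and set(ln) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist block delimiters not found")
    block, body = lines[stars[0] + 1:stars[1]], lines[stars[1] + 1:]
    directives = [ln for ln in block
                  if ln and ln.rstrip(":").lower() not in ("start", "end")]
    results, cmd_sections, in_cmd = [], set(), False
    for ln in body:
        header = re.match(r"^=+ (.+?) =+$", ln)
        if header:
            in_cmd = header.group(1) != "End of CMD:"
            if in_cmd:
                cmd_sections.add(header.group(1))
            continue
        res = re.match(r"^(.+?) => (.+)$", ln)
        if res and not in_cmd:  # ignore anything printed by the command itself
            results.append((res.group(1).strip('"'), res.group(2)))
    run_from = next((ln[len("Running from "):] for ln in lines
                     if ln.startswith("Running from ")), "")
    return {"directives": directives, "results": results,
            "cmd_sections": cmd_sections, "run_from": run_from}


def match_keys(directive):
    """Strings that must all appear in a result target (heuristic, see lead-in)."""
    m = re.search(r"\[([a-p]{32})\]", directive)             # Chrome extension ID
    if m:
        return [m.group(1)]
    m = re.match(r"^\d{4}-\d\d-\d\d \d\d:\d\d - .*? ([A-Za-z]:\\.+)$", directive)
    if m:                                                     # file listing line
        return [m.group(1)]
    m = re.match(r"^(HK[A-Z]+\\[^,]+),(.+?) = ", directive)   # KEY,Value = data
    if m:
        return [m.group(1), m.group(2)]
    return None                                               # needs manual review


def reconcile(parsed):
    """Classify every fixlist directive by what the Fixlog says happened to it."""
    report = {"confirmed": [], "failed": [], "unverified": [], "missing_cmd": [],
              "location_ok": parsed["run_from"].rstrip("\\").lower().endswith("\\desktop")}
    for d in parsed["directives"]:
        if d.startswith("CMD:"):
            cmd = d[4:].strip()
            if cmd not in parsed["cmd_sections"]:
                report["missing_cmd"].append(cmd)
            continue
        if re.fullmatch(r"\w+:", d):
            continue  # keyword directive; its result line is free text
        keys = match_keys(d)
        hits = [out for tgt, out in parsed["results"]
                if keys and all(k.lower() in tgt.lower() for k in keys)]
        if not hits:
            report["unverified"].append(d)
        elif all(out.endswith("successfully") for out in hits):
            report["confirmed"].append(d)
        else:
            report["failed"].append(d)
    return report


if __name__ == "__main__":
    for category, items in reconcile(parse_fixlog(SAMPLE_FIXLOG)).items():
        print(category, "->", items)
```

Directives that land in `unverified`, such as the Firefox policy line whose result names the parent key, still need a human to pair them with their result.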

#6

Hello SanMar,

Sorry about the mistake with the FRST location.

Here is the Fixlog report:

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Antonio (19-05-2019 19:24:38) Run:1
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio & SANDRA & ARACELI (Available Profiles: Antonio & SANDRA & ARACELI)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-05-15 22:13 - 2019-05-15 22:14 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\DRPSu
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\Users\Antonio\AppData\Roaming\DRPSu => moved successfully

========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de área local* 1 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Wi-Fi mientras los medios
estén desconectados.

Adaptador de LAN inalámbrica Conexión de área local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : home

Adaptador de Ethernet Ethernet:

   Sufijo DNS específico para la conexión. . : home
   Vínculo: dirección IPv6 local. . . : fe80::2cfb:7c8d:7b00:52be%3
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.37
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de túnel isatap.home:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : home

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableció correctamente.
Interfaz se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableció correctamente.
Vecino se restableció correctamente.
Ruta de acceso se restableció correctamente.
Error al restablecer .
Acceso denegado.

 se restableció correctamente.
 se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35493417 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 445348994 B
Edge => 0 B
Chrome => 520060571 B
Firefox => 1091124708 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 376248 B
systemprofile32 => 8146 B
LocalService => 6354 B
NetworkService => 0 B
Antonio => 512550287 B
SANDRA => 44799227 B
ARACELI => 45381506 B

RecycleBin => 3044218515 B
EmptyTemp: => 5.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:26:05 ====

Thank you very much.

#7

Hello @caballoblanco1963

Let us know whether the problem with the photos still persists.


Run Malwarebytes again: update it and run it as follows:

Malwarebytes

  • Do not forget to update it.
  • Read its Manual carefully.
  • Run a Custom Scan. Select "All Drives".
  • Click “Remove Selected” to send what was found to quarantine.
  • Restart the system.
  • Under the “History” section of the manual >> Application Logs >> Scan Log, you will find the MBAM report, which you must copy and paste into your next reply.

Regards

#8

Hello SanMar,

The problem with the photos is still the same.

Here is the Malwarebytes report:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 20/5/19
Hora del análisis: 13:09
Archivo de registro: ae96a466-7aef-11e9-971c-74d435b1ed6c.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.10676
Licencia: Gratis

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: MIPC\Antonio

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 650122
Amenazas detectadas: 16
Amenazas en cuarentena: 10
Tiempo transcurrido: 3 hr, 30 min, 56 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 2
RiskWare.GameHack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SETUP.EXE, En cuarentena, [7595], [545288],1.0.10676
RiskWare.GameHack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SETUP.EXE, En cuarentena, [7595], [545288],1.0.10676

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 14
RiskWare.Tool.CK, C:\USERS\ANTONIO\DOWNLOADS\ON1.PHOTO.10.64BITS.FIXED.WWW.ARTISTAPIRATA.COM\PARCHE\KEYMAKER-CORE.RAR, En cuarentena, [5729], [159765],1.0.10676
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\ANTONIO\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\22QPT5UG\AEMU.092.BY.ZENTINELS.RAR, En cuarentena, [6107], [445980],1.0.10676
RiskWare.GameHack, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\ADOBE CC (2018)\SETUP.EXE, En cuarentena, [7595], [545288],1.0.10676
HackTool.Patcher, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\CRACK\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, Error durante la eliminación, [7754], [473286],1.0.10676
HackTool.FilePatch, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\PARCHESAD0B3.THIRDPARTY.ARTISTAPIRATA.COM\ADOBE.PHOTOSHOP.CC.2018._X64_.PATCH-MPT.ZIP, Error durante la eliminación, [7736], [281135],1.0.10676
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\PARCHESAD0B3.THIRDPARTY.ARTISTAPIRATA.COM\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, Error durante la eliminación, [6107], [445980],1.0.10676
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6107], [445980],1.0.10676
HackTool.Patcher, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\PARCHESAD0B3.THIRDPARTY.ARTISTAPIRATA.COM\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, Error durante la eliminación, [7754], [473286],1.0.10676
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\CRACK\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, Error durante la eliminación, [6107], [445980],1.0.10676
HackTool.Patcher, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\PSCC2K18.ENE18.ARTISTAPIRATA.COM\EXTRA PARCHES DE TERCEROS\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, En cuarentena, [7754], [473286],1.0.10676
HackTool.FilePatch, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\ADOBE CLOUD2018\M4STERAD0B3COLLECT0N2018.ARTISTAPIRATA.COM\CRACK\ADOBE.PHOTOSHOP.CC.2018._X64_.PATCH-MPT.ZIP, Error durante la eliminación, [7736], [281135],1.0.10676
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\ANTONIO\DOWNLOADS\PSCC2K18.ENE18.ARTISTAPIRATA.COM\EXTRA PARCHES DE TERCEROS\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, En cuarentena, [6107], [445980],1.0.10676
HackTool.Patcher, F:\DESCARGAS\PSCC2K18.ENE18.ARTISTAPIRATA.COM\EXTRA PARCHES DE TERCEROS\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, En cuarentena, [7754], [473286],1.0.10676
CrackTool.Agent, F:\DESCARGAS\PSCC2K18.ENE18.ARTISTAPIRATA.COM\EXTRA PARCHES DE TERCEROS\AMTEMU.V0.9.2.WIN-PAINTER.ZIP, En cuarentena, [6107], [445980],1.0.10676

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Thank you very much.

#9

Hello @caballoblanco1963

Most of what was detected is in the Windows.old folder; that folder is created after formatting and keeps the previous contents of our system.

To delete it, see >>> How do I delete files using Disk Cleanup?, especially from "To delete system files" onward.


As for the photos, which one do you use? The Windows Photos app or the classic Photo Viewer we used in Windows 7?

Let us know.

Regards
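Added example, not part of the original thread: a small Python parser for the detail rows of a Malwarebytes scan report like the one in post #8, which tallies rows by status and shows which top-level location holds the items that were not quarantined (the observation made about Windows.old above). The function names are hypothetical and the sample rows are constructed in the report's layout, with made-up paths and ids.

```python
import re
from collections import Counter

# Constructed sample in the layout of the "Detalles del análisis" rows:
# name, object, status, [id], [id],package-version. Paths and ids are made up.
SAMPLE_LOG = r"""
Clave del registro: 1
RiskWare.GameHack, HKLM\SOFTWARE\EXAMPLE\SETUP.EXE, En cuarentena, [1], [100],1.0.0
Archivo: 4
HackTool.Patcher, C:\WINDOWS.OLD.000\USERS\USER\DOWNLOADS\PACK, V2\PATCH.ZIP, Error durante la eliminación, [2], [200],1.0.0
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\USER\DOWNLOADS\EMU.ZIP, Error durante la eliminación, [3], [300],1.0.0
CrackTool.Agent, C:\WINDOWS.OLD.000\USERS\USER\DOWNLOADS\EMU.EXE, En cuarentena, [3], [300],1.0.0
HackTool.Patcher, F:\DESCARGAS\PACK\PATCH.ZIP, En cuarentena, [2], [200],1.0.0
(No hay elementos maliciosos detectados)
"""

# The object field is matched greedily so that a comma inside a path
# (second row above) does not shift the status column.
ROW = re.compile(
    r"^(?P<name>[^,]+), (?P<obj>.+), (?P<status>[^,\[\]]+), "
    r"\[\d+\], \[\d+\],(?P<pkg>[\d.]+)$"
)

def parse_rows(text):
    """Return one dict per detection row; headers and empty sections are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows

def root_of(obj):
    """Drive plus first folder for file paths, hive name for registry objects."""
    parts = obj.split("\\")
    if re.fullmatch(r"[A-Za-z]:", parts[0]) and len(parts) > 1 and parts[1]:
        return parts[0] + "\\" + parts[1]
    return parts[0]

def summarize(rows):
    """Count rows per status, and per root for rows that were not quarantined."""
    by_status = Counter(r["status"] for r in rows)
    pending = Counter(
        root_of(r["obj"]) for r in rows if r["status"] != "En cuarentena"
    )
    return by_status, pending

if __name__ == "__main__":
    statuses, pending = summarize(parse_rows(SAMPLE_LOG))
    print(dict(statuses))
    print(dict(pending))
```
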

#10

Hello SanMar,

Should I delete the Windows.old folder?

For the photos I use the classic Photo Viewer.

Thank you very much.

#11

Hello:

Yes, not only because of the issue at hand but because once you have recovered your files there is no need to keep it. You will not be able to do it manually, which is why I pointed you to Disk Cleanup and asked you to look especially at the steps for deleting system files.

Regards

#12

Hello SanMar,

I think I did something wrong when deleting the Windows.old folder, because Disk Cleanup no longer shows previous installations, but the folder is still on the local disk.

As for the photo viewer, the problem persists.

Thanks.

#13

Hello @caballoblanco1963

Describe step by step what the error with the photo viewer is.

If you can, take a screenshot of the error.

How to upload images to the forum?

Regards

#14

Hello SanMar,

Sorry, the problem with the photos must be caused by the camera's card. Other folders with photos display fine in the viewer. Issue resolved.

On the other hand, I still have the Windows.old folder.

Thank you very much

#15

Hello @caballoblanco1963

Try whether it lets you delete it manually.

Let us know.

Regards