Maquina con virus....? y demasiadas svchost.exe abiertas

Buenos días/tardes/noches.

Pido ayuda para saber si mi computadora está infectada con algún virus, desde hace un par de días la noto lenta y ahora hasta hace un rato no me respondía el menú inicio de Windows, tuve que cerrar el proceso de “Explorador de Windows” y volverlo a abrir para que respondiera el menú; también se me ocurrió sacar la lista de tareas que están corriendo en mi PC, y para mi sorpresa hay muchas instancias de “svchost.exe” abiertas. Dejo la lista de tareas.

Microsoft Windows [Versión 10.0.17134.950]
(c) 2018 Microsoft Corporation. Todos los derechos reservados.

C:\Users\Nere>tasklist

Nombre de imagen               PID Nombre de sesión Núm. de ses Uso de memor
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         8 KB
System                           4 Services                   0     2,936 KB
Registry                       120 Services                   0    77,220 KB
smss.exe                       620 Services                   0       108 KB
csrss.exe                      872 Services                   0     2,132 KB
wininit.exe                    952 Services                   0        36 KB
csrss.exe                      968 Console                    1     2,756 KB
services.exe                    92 Services                   0     7,832 KB
lsass.exe                       84 Services                   0    12,248 KB
winlogon.exe                   508 Console                    1     3,804 KB
svchost.exe                    860 Services                   0       520 KB
fontdrvhost.exe                796 Services                   0       744 KB
fontdrvhost.exe                792 Console                    1     9,836 KB
svchost.exe                    440 Services                   0    20,044 KB
svchost.exe                   1116 Services                   0    10,880 KB
svchost.exe                   1160 Services                   0     3,404 KB
dwm.exe                       1244 Console                    1    64,684 KB
svchost.exe                   1392 Services                   0     9,024 KB
svchost.exe                   1428 Services                   0     4,920 KB
svchost.exe                   1436 Services                   0     4,504 KB
svchost.exe                   1560 Services                   0     2,092 KB
svchost.exe                   1576 Services                   0     1,824 KB
svchost.exe                   1588 Services                   0     3,216 KB
svchost.exe                   1596 Services                   0     4,280 KB
svchost.exe                   1612 Services                   0     4,820 KB
svchost.exe                   1676 Services                   0    13,048 KB
svchost.exe                   1752 Services                   0     2,736 KB
svchost.exe                   1764 Services                   0    14,240 KB
svchost.exe                   1800 Services                   0     4,528 KB
svchost.exe                   1888 Services                   0     4,904 KB
igfxCUIService.exe            1208 Services                   0     1,992 KB
svchost.exe                   2120 Services                   0     5,528 KB
svchost.exe                   2152 Services                   0     1,068 KB
svchost.exe                   2284 Services                   0     3,780 KB
svchost.exe                   2292 Services                   0     2,420 KB
svchost.exe                   2452 Services                   0     5,204 KB
svchost.exe                   2460 Services                   0     8,488 KB
dasHost.exe                   2572 Services                   0    10,404 KB
svchost.exe                   2596 Services                   0     6,128 KB
svchost.exe                   2668 Services                   0     1,064 KB
svchost.exe                   2680 Services                   0   124,912 KB
wsc_proxy.exe                 2688 Services                   0     3,444 KB
Memory Compression            2776 Services                   0   278,504 KB
svchost.exe                   2928 Services                   0     3,100 KB
svchost.exe                   2936 Services                   0     3,076 KB
svchost.exe                   3020 Services                   0     6,612 KB
RtkAudioService64.exe         1996 Services                   0       816 KB
svchost.exe                   1136 Services                   0    10,308 KB
svchost.exe                   2524 Services                   0     4,088 KB
svchost.exe                   3112 Services                   0     5,684 KB
svchost.exe                   3120 Services                   0     2,204 KB
svchost.exe                   3128 Services                   0     5,584 KB
svchost.exe                   3356 Services                   0     6,992 KB
RAVBg64.exe                   3364 Console                    1     5,068 KB
AvastSvc.exe                  3416 Services                   0    45,940 KB
svchost.exe                   3424 Services                   0     6,132 KB
wlanext.exe                   3672 Services                   0     3,528 KB
conhost.exe                   3684 Services                   0       256 KB
spoolsv.exe                   3812 Services                   0    15,168 KB
svchost.exe                   3872 Services                   0     2,832 KB
BTDevMgr.exe                  4088 Services                   0     3,820 KB
AppKeyLicenseServerNOMINA     2400 Services                   0     1,852 KB
IntelCpHDCPSvc.exe            3192 Services                   0     1,664 KB
AnyDesk.exe                   3624 Services                   0     7,392 KB
svchost.exe                   3632 Services                   0     2,564 KB
svchost.exe                   3704 Services                   0     1,272 KB
IRMTService.exe               3688 Services                   0     2,616 KB
svchost.exe                   3932 Services                   0     9,256 KB
svchost.exe                   3976 Services                   0     6,724 KB
svchost.exe                   4104 Services                   0       756 KB
SecUPDUtilSvc.exe             4124 Services                   0       404 KB
mDNSResponder.exe             4136 Services                   0     3,324 KB
svchost.exe                   4144 Services                   0       656 KB
sqlbrowser.exe                4152 Services                   0       364 KB
saci.exe                      4160 Services                   0    93,700 KB
TeamViewer_Service.exe        4168 Services                   0    39,376 KB
svchost.exe                   4180 Services                   0    29,824 KB
SecurityHealthService.exe     4188 Services                   0     5,876 KB
svchost.exe                   4196 Services                   0    12,584 KB
AppKeyAuthServerNOMINAS.e     4204 Services                   0     1,736 KB
HPWMISVC.exe                  4212 Services                   0       980 KB
ezSharedSvcHost.exe           4220 Services                   0       748 KB
svchost.exe                   4232 Services                   0    10,976 KB
SU10Guard.exe                 4244 Services                   0     1,404 KB
svchost.exe                   4260 Services                   0     3,344 KB
svchost.exe                   4272 Services                   0     2,064 KB
armsvc.exe                    4280 Services                   0       256 KB
sqlwriter.exe                 4296 Services                   0     1,244 KB
svchost.exe                   4348 Services                   0     2,520 KB
mqsvc.exe                     4408 Services                   0     2,032 KB
svchost.exe                   4556 Services                   0     7,200 KB
svchost.exe                   4876 Services                   0     3,156 KB
IntelCpHeciSvc.exe            5092 Services                   0     1,832 KB
svchost.exe                   5268 Services                   0     4,736 KB
sihost.exe                    6376 Console                    1    18,528 KB
svchost.exe                   6408 Console                    1    10,356 KB
PresentationFontCache.exe     6452 Services                   0       420 KB
svchost.exe                   6504 Console                    1    20,356 KB
taskhostw.exe                 6616 Console                    1    14,008 KB
svchost.exe                   6184 Services                   0    13,968 KB
dllhost.exe                   6760 Console                    1    11,864 KB
RuntimeBroker.exe             7340 Console                    1    20,004 KB
igfxEM.exe                    7504 Console                    1    12,052 KB
RuntimeBroker.exe             7632 Console                    1    24,492 KB
SearchIndexer.exe             7788 Services                   0    27,772 KB
svchost.exe                   7904 Services                   0     4,380 KB
ctfmon.exe                    8040 Console                    1    13,592 KB
TabTip.exe                    8056 Console                    1     7,960 KB
RuntimeBroker.exe             8428 Console                    1    22,360 KB
SkypeBackgroundHost.exe       9172 Console                    1       976 KB
svchost.exe                   9872 Services                   0    10,436 KB
SkypeApp.exe                 11272 Console                    1     7,784 KB
MSASCuiL.exe                 11604 Console                    1     4,480 KB
AnyDesk.exe                  12028 Console                    1     4,716 KB
RuntimeBroker.exe            10512 Console                    1     2,124 KB
RtkNGUI64.exe                10888 Console                    1       892 KB
AvastUI.exe                  10952 Console                    1    61,024 KB
aswEngSrv.exe                11640 Services                   0    69,760 KB
svchost.exe                   4468 Services                   0     3,544 KB
aswidsagent.exe              10128 Services                   0    44,760 KB
svchost.exe                   2160 Console                    1     3,144 KB
AvastUI.exe                   7580 Console                    1    11,632 KB
jhi_service.exe               3248 Services                   0       452 KB
sqlservr.exe                  1724 Services                   0     3,768 KB
svchost.exe                   4480 Services                   0     6,328 KB
sedsvc.exe                   11136 Services                   0     3,084 KB
SgrmBroker.exe               11140 Services                   0     2,752 KB
svchost.exe                   8136 Services                   0     5,260 KB
dllhost.exe                  10852 Console                    1     8,028 KB
svchost.exe                   7560 Services                   0     3,256 KB
MusNotifyIcon.exe            11744 Console                    1     4,632 KB
ApplicationFrameHost.exe      9964 Console                    1    13,700 KB
svchost.exe                   3384 Services                   0     4,096 KB
svchost.exe                   9716 Services                   0     9,268 KB
svchost.exe                   1272 Services                   0     1,904 KB
svchost.exe                   5336 Services                   0     2,880 KB
WUDFHost.exe                  4516 Services                   0     3,276 KB
taskhostw.exe                10664 Console                    1     5,548 KB
unsecapp.exe                  3280 Services                   0     1,656 KB
svchost.exe                  14092 Services                   0     3,876 KB
audiodg.exe                  14144 Services                   0    40,780 KB
svchost.exe                   7088 Services                   0     7,080 KB
svchost.exe                  12276 Services                   0     6,808 KB
smartscreen.exe              11740 Console                    1    27,748 KB
TeamViewer.exe               12072 Console                    1    90,128 KB
tv_w32.exe                   13400 Console                    1     7,608 KB
tv_x64.exe                    2092 Console                    1     7,236 KB
TeamViewer_Desktop.exe       13660 Console                    1   237,780 KB
svchost.exe                   6892 Services                   0     6,236 KB
Taskmgr.exe                  13600 Console                    1    67,052 KB
MBAMService.exe               7128 Services                   0   534,652 KB
cmd.exe                      10472 Console                    1     3,260 KB
conhost.exe                    548 Console                    1    14,988 KB
mbamtray.exe                  5080 Console                    1    40,496 KB
SearchProtocolHost.exe       14032 Services                   0     9,128 KB
svchost.exe                   2556 Services                   0     7,728 KB
svchost.exe                  13900 Services                   0     5,888 KB
explorer.exe                  7164 Console                    1   116,656 KB
ShellExperienceHost.exe       9844 Console                    1    81,784 KB
SearchUI.exe                 11664 Console                    1   141,320 KB
svchost.exe                   4848 Services                   0     7,320 KB
svchost.exe                  10316 Services                   0    21,760 KB
SearchFilterHost.exe          3380 Services                   0     6,984 KB
mbam.exe                      9536 Console                    1   274,232 KB
WmiPrvSE.exe                  6000 Services                   0     9,520 KB
cmd.exe                       5076 Console                    1     3,508 KB
conhost.exe                  13784 Console                    1    14,972 KB
tasklist.exe                  2904 Console                    1     7,800 KB

Ahora estoy corriendo un análisis con Malwarebytes para ver si detecta algún bicho, teniendo los resultados los publico.

Desde ya muchas gracias por la ayuda.

Arcanine.

Hola @Arcanine

Cuando tengas el reporte de Malwarebytes lo pones para revisarlo

Un saludo

Hasta que al fin termino de hacer el analisis de la maquina lo pego aqui. espero por indicaciones, y muchas gracias nuevamente.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 3/4/20
Hora del análisis: 12:39
Archivo de registro: 644bb856-75da-11ea-a972-2c6fc91f93b4.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.21854
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.950)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-8AK39I7\Nere

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 706721
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 2 hr, 27 min, 17 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

2) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega el reporte de AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Buenas, una enorme disculpa, hasta ahora puedo pegarme de nuevo a la maquina, espero aun puedas seguir aconsejandome durante este problema.

Te pego el reporte el Adwcleaner como me lo pediste:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-06-2020
# Duration: 00:00:00
# OS:       Windows 10 Home Single Language
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1521 octets] - [04/09/2019 11:37:09]
AdwCleaner[C00].txt - [1776 octets] - [04/09/2019 11:39:58]
AdwCleaner[S01].txt - [1544 octets] - [03/04/2020 19:09:23]
AdwCleaner[S02].txt - [1605 octets] - [06/04/2020 10:59:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Hola

No te preocupes por la demora, no hay problema

Los reportes salen limpios, como siguen los problemas que tenía tu equipo?

Un saludo

Deje que pasara un par de días para probar la máquina, al principio todo funcionó bien, me dije a de ver sido algún proceso de Windows que se desajusto, o algo así, pero ayer y hoy hace un rato me volvió a hacer lo del menú inicio, presiono la tecla para el menú y no se despliega, doy clic en el botón del menú y tampoco quiere aparecer, al final termine reiniciando el proceso de “Explorer.exe” para poder que desplegara el menú de inicio.

Espero mas indicaciones,y gracias.

Hola

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Copio el FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por Nere (administrador) sobre DESKTOP-8AK39I7 (HP HP Pavilion All-in-One 24-r0xx) (08-04-2020 12:11:45)
Ejecutado desde C:\Users\Nere\Desktop
Perfiles cargados: Nere & MSSQL$COMPAC (Perfiles disponibles: Nere & MSSQL$COMPAC)
Platform: Windows 10 Home Single Language Versión 1803 17134.950 (X64) Idioma: Español (México)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(COMPUTACION EN ACCION, S.A. DE C.V. -> ) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyAuthServerNOMINAS.exe
(COMPUTACION EN ACCION, S.A. DE C.V. -> ) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe
(COMPUTACION EN ACCION, S.A. DE C.V. -> Computación en Acción S.A. de C.V.) C:\Program Files (x86)\Compac\Servidor de Aplicaciones\saci.exe
(Easybits AS -> Easybits) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Greatis Software LLC -> Greatis Software, LLC) C:\Program Files (x86)\StopUpdates10\SU10Guard.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHeciSvc.exe
(Intel(R) RMT -> Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.COMPAC\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [703312 2017-07-21] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [DetectaFirewall] => C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\DetectaFirewall.exe [1278184 2020-01-17] (COMPUTACION EN ACCION, S.A. DE C.V. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-254893639-3850501376-1735359704-2724494366-297964045\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-08] (Google LLC -> Google LLC)
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-04-13]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {053D2292-E032-460D-BE7F-D7DB96374647} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {0859C67F-DF36-4887-8A87-853CC4521405} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-10] (Google Inc -> Google Inc.)
Task: {21F04167-C3FF-4651-B406-239DFA1F0334} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {34B057CC-B893-4C3C-87D4-82511408B7BF} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-8AK39I7-Nere DESKTOP-8AK39I7 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {459A2D43-3683-48B2-89AD-CAEE39EF5B4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {47255C2B-8629-4EFB-9719-333008E15531} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
Task: {65FAC498-E092-4069-AE4F-EEF7A30DA545} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {66DE828F-6B42-47D8-B8C2-3822AD6D6C5E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Nere\Downloads\Nueva carpeta (6)\esetonlinescanner_esn.exe [8162616 2019-09-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {71204652-819F-4B1B-98BE-F4259C956E98} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {7DFA2CF2-7F26-42D1-A691-861F967367CD} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {8F30C843-D22C-40DE-9E37-1984454E739E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {92056589-B661-4EE1-B0F7-D59E4803FABA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {99D2FA0B-6993-4807-937F-9CF6C5E05B2F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279328 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A3DD3BD1-0A32-4C3F-AC70-A2E5753DF618} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {C1EBAD7E-A346-4ED2-B8B7-A8D90CE0152F} - System32\Tasks\Start_MSSQL$COMPAC => C:\Windows\System64\MSSQL$COMPAC.exe [82120 2019-07-16] () [Archivo no firmado]
Task: {C3587168-1FFA-446B-B379-F2E878EF7D01} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-04-10] (Google Inc -> Google Inc.)
Task: {CAA93BEE-99BC-474A-9171-249BB37137B6} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [6086144 2019-04-10] () [Archivo no firmado]
Task: {DB78BE60-1253-432C-AC2A-982A8F9A9578} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {E18E195F-A4B3-45D9-983B-107B59212F04} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {E36F8027-C0A1-4868-8A3F-B04C27EC7E84} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Nere\Downloads\Nueva carpeta (6)\esetonlinescanner_esn.exe [8162616 2019-09-04] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {F58EB94D-4611-4569-9CB0-212C2D86F8DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9f0c2412-235e-4234-8431-515dcda5b04e}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-12] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {4B5DC085-DDEE-4B81-8F51-D63E31053F96} hxxp://idse.imss.gob.mx/certificacion/SeguriTools/GenKey.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jxxuqifv.default
FF ProfilePath: C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default [2020-04-08]
FF Homepage: Mozilla\Firefox\Profiles\jxxuqifv.default -> www.google.com.mx
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2019-04-10]
FF Extension: (Avast Online Security) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2020-03-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default [2020-04-06]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Presentaciones) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-10]
CHR Extension: (Avast Online Security) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> )
R2 AppkeyAuthServer_NOMINAS; C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyAuthServerNOMINAS.exe [16875040 2020-01-17] (COMPUTACION EN ACCION, S.A. DE C.V. -> )
R2 AppKeyLicenseServer_NOMINAS; C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe [17492000 2020-01-17] (COMPUTACION EN ACCION, S.A. DE C.V. -> )
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [Archivo no firmado]
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-10-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IRMTService; c:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [183424 2017-08-08] (Intel(R) RMT -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-04-03] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$COMPAC; c:\Program Files\Microsoft SQL Server\MSSQL11.COMPAC\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268128 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Saci_CONTPAQi; C:\Program Files (x86)\Compac\Servidor de Aplicaciones\Saci.exe [191208 2020-01-18] (COMPUTACION EN ACCION, S.A. DE C.V. -> Computación en Acción S.A. de C.V.)
R2 SamsungUPDUtilSvc; C:\windows\SysWOW64\SecUPDUtilSvc.exe [143664 2019-04-10] (Samsung Electronics CO., LTD. -> )
S3 SQLAgent$COMPAC; c:\Program Files\Microsoft SQL Server\MSSQL11.COMPAC\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 SU10Guard; C:\Program Files (x86)\StopUpdates10\SU10Guard.exe [71576 2019-07-31] (Greatis Software LLC -> Greatis Software, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-07-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-07-30] (Microsoft Corporation -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175400 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235184 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-02-25] (Avast Software s.r.o. -> AVAST Software)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70664 2017-10-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34712 2017-08-08] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-08] (Malwarebytes Inc -> Malwarebytes)
S4 RsFx0200; C:\WINDOWS\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2017-06-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-07-25] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [750072 2017-08-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-06-01] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [9607640 2018-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-08 12:11 - 2020-04-08 12:12 - 000026081 _____ C:\Users\Nere\Desktop\FRST.txt
2020-04-08 12:10 - 2020-04-08 12:10 - 002281472 _____ (Farbar) C:\Users\Nere\Desktop\FRST64.exe
2020-04-08 11:20 - 2020-04-08 11:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-08 10:29 - 2020-04-08 10:29 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-08 10:29 - 2020-04-08 10:29 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-07 13:51 - 2020-04-07 13:51 - 000248219 _____ C:\Users\Nere\Documents\Semana Santa.pptx
2020-04-07 13:50 - 2020-04-07 13:50 - 001304231 _____ C:\Users\Nere\Documents\Se te antoja rib.pptx
2020-04-07 13:50 - 2020-04-07 13:50 - 000075366 _____ C:\Users\Nere\Documents\Debido a la actual contingencia que estamos viviendo.pptx
2020-04-07 13:49 - 2020-04-07 13:49 - 000884250 _____ C:\Users\Nere\Documents\Deliciosos Chiles en Nogada.pptx
2020-04-07 13:49 - 2020-04-07 13:49 - 000074093 _____ C:\Users\Nere\Documents\Seguimos trabajando para ustedes con nuestro Servicio para.pptx
2020-04-07 11:55 - 2020-04-07 11:55 - 003558030 _____ C:\Users\Nere\Documents\GUSTO_DE_PUEBLA1375EN.pdf
2020-04-07 11:25 - 2020-04-07 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-06 11:25 - 2020-04-06 11:25 - 000014332 _____ C:\Users\Nere\Documents\cc_20200406_112535.reg
2020-04-06 11:24 - 2020-04-06 11:24 - 000014332 _____ C:\Users\Nere\Documents\cc_20200406_112453.reg
2020-04-06 11:24 - 2020-04-06 11:24 - 000014332 _____ C:\Users\Nere\Documents\cc_20200406_112423.reg
2020-04-06 11:23 - 2020-04-06 11:23 - 000014332 _____ C:\Users\Nere\Documents\cc_20200406_112321.reg
2020-04-06 11:22 - 2020-04-06 11:23 - 000014332 _____ C:\Users\Nere\Documents\cc_20200406_112258.reg
2020-04-06 11:21 - 2020-04-06 11:21 - 000097100 _____ C:\Users\Nere\Documents\cc_20200406_112102.reg
2020-04-06 11:21 - 2020-04-06 11:21 - 000018282 _____ C:\Users\Nere\Documents\cc_20200406_112135.reg
2020-04-03 20:09 - 2020-04-03 20:09 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-04-03 20:06 - 2020-04-03 20:06 - 008196784 _____ (Malwarebytes) C:\Users\Nere\Desktop\adwcleaner_8.0.4.exe
2020-04-03 14:24 - 2020-04-03 14:24 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-04-03 14:24 - 2020-04-03 14:24 - 000001035 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-04-03 13:39 - 2020-04-03 14:46 - 000000000 ____D C:\Users\Nere\AppData\LocalLow\IGDump
2020-04-03 13:37 - 2020-04-03 13:38 - 000002450 _____ C:\Users\Nere\Desktop\Rkill.txt
2020-03-17 11:27 - 2020-02-25 15:06 - 000368056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-08 12:12 - 2019-09-04 18:00 - 000000000 ____D C:\FRST
2020-04-08 11:57 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-08 11:54 - 2019-04-10 12:47 - 000005355 ___SH C:\WINDOWS\SysWOW64\vw8i4cxp.R55
2020-04-08 11:32 - 2019-04-10 11:36 - 000000000 ____D C:\Users\Nere\AppData\LocalLow\Mozilla
2020-04-08 11:20 - 2019-04-10 11:36 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-08 11:20 - 2019-04-10 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-08 11:13 - 2019-07-30 12:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-08 10:41 - 2019-07-30 12:43 - 000005318 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-8AK39I7-Nere DESKTOP-8AK39I7
2020-04-08 10:36 - 2019-07-30 12:43 - 000003656 _____ C:\WINDOWS\system32\Tasks\AutoKMS
2020-04-08 10:35 - 2019-07-30 12:39 - 002040650 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-08 10:35 - 2018-04-12 11:18 - 000821420 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-08 10:35 - 2018-04-12 11:18 - 000171186 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-08 10:35 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2020-04-08 10:34 - 2019-04-10 13:04 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-08 10:34 - 2019-04-10 13:04 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-08 10:29 - 2019-09-04 19:01 - 000000000 ____D C:\Program Files (x86)\StopUpdates10
2020-04-08 10:29 - 2019-07-30 12:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-08 10:29 - 2019-04-12 10:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-08 10:29 - 2019-04-10 12:31 - 000000000 __SHD C:\Users\Nere\IntelGraphicsProfiles
2020-04-07 15:44 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-07 15:33 - 2019-04-11 14:45 - 000000000 ____D C:\Users\Nere\AppData\Local\CrashDumps
2020-04-07 15:33 - 2019-04-10 15:34 - 000000000 ____D C:\Users\Nere\Documents\Archivos de Outlook
2020-04-07 15:33 - 2019-04-10 12:31 - 000000000 ____D C:\Users\Nere\AppData\Local\Packages
2020-04-07 11:59 - 2019-07-30 12:43 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-07 11:59 - 2019-07-30 12:43 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-04-07 11:59 - 2019-07-30 12:43 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-07 11:59 - 2019-07-30 12:43 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-07 11:59 - 2019-07-30 12:43 - 000003180 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-04-07 11:59 - 2019-07-30 12:43 - 000002346 _____ C:\WINDOWS\system32\Tasks\Start_MSSQL$COMPAC
2020-04-07 11:59 - 2019-07-30 12:43 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-04-07 11:59 - 2019-07-30 12:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-04-06 11:06 - 2019-07-30 12:21 - 000414392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-06 11:04 - 2019-04-10 14:23 - 000000000 ____D C:\Users\Nere\AppData\Local\AVAST Software
2020-04-03 14:24 - 2019-04-13 15:44 - 000000000 ____D C:\Users\Nere\AppData\Local\TeamViewer
2020-04-03 13:34 - 2019-09-04 12:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-03 13:34 - 2019-09-04 12:21 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-03 13:34 - 2019-09-04 12:21 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-28 16:04 - 2019-07-30 12:43 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-03-26 11:22 - 2019-04-10 14:19 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-18 11:01 - 2019-04-10 14:23 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-03-18 11:01 - 2019-04-10 14:23 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-17 11:27 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-17 11:17 - 2019-04-10 13:16 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-12 16:49 - 2019-04-10 15:24 - 014323712 _____ C:\Users\Nere\Desktop\RESPSUA.TBK
2020-03-11 16:56 - 2019-07-30 12:25 - 000000000 ____D C:\Users\MSSQL$COMPAC
2020-03-11 11:26 - 2019-04-10 14:21 - 000458584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Y tambien el Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por Nere (08-04-2020 12:13:03)
Ejecutado desde C:\Users\Nere\Desktop
Windows 10 Home Single Language Versión 1803 17134.950 (X64) (2019-07-30 17:44:43)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1149044093-1192150964-1119913601-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1149044093-1192150964-1119913601-503 - Limited - Disabled)
Invitado (S-1-5-21-1149044093-1192150964-1119913601-501 - Limited - Disabled)
Nere (S-1-5-21-1149044093-1192150964-1119913601-1001 - Administrator - Enabled) => C:\Users\Nere
WDAGUtilityAccount (S-1-5-21-1149044093-1192150964-1119913601-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Advanced BAT to EXE Converter v4.11 (HKLM-x32\...\Advanced BAT to EXE Converter v4.11) (Version:  - )
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Batch Compiler 17.0.0 (HKLM-x32\...\Batch Compiler 17.0.0) (Version: 17.0.0 - Isuru Arunoda)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
CONTPAQ i® Administrador de Documentos Digitales (HKLM-x32\...\{3B64D508-2E57-4180-986F-56E9028C5B75}) (Version: 5.1.3 - CONTPAQ i®)
CONTPAQ i® Formatos Digitales (HKLM-x32\...\{FAC18E82-B187-4C63-952C-539792E7D83A}) (Version: 5.1.3 - CONTPAQ i®)
CONTPAQ i® Hoja Electrónica ADD (HKLM\...\{A0F1D6E3-82CA-418A-A950-9B6109FFC914}_is1) (Version: 1.4.4 - CONTPAQ i®)
CONTPAQ i® Servidor de Aplicaciones (HKLM-x32\...\{3B5DB6C7-B962-4992-A958-7DED3F419EBB}) (Version: 5.1.3 - CONTPAQ i®)
ContPAQi Nóminas Hoja (HKLM-x32\...\{73A6E705-2ECD-40B3-B027-E8461E4E768D}) (Version: 10.2.0 - Computación en Acción)
CONTPAQi® Nóminas (Local) (HKLM-x32\...\{9F89E525-8F25-409C-B9AE-337F9E82CB5F}) (Version: 12.3.1 - CONTPAQ i®)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.4.1022 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{3E8F8FB6-98C2-49C6-942E-B9D07BEE6ECD}) (Version: 1.1.70.534 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 75.0 (x64 es-MX) (HKLM\...\Mozilla Firefox 75.0 (x64 es-MX)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8551 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version:  - VS Revo Group)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.)
Sistema Único de Autodeterminación (HKLM-x32\...\{4038CCF6-A4E3-45D4-B122-33A476E02ECF}) (Version: 3.4.6 - Instituto Mexicano del Seguro Social)
SmartPSS 2.002.0000007.0 (HKLM-x32\...\SmartPSS) (Version: 2.002.0000007.0 - )
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (HKLM\...\{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (HKLM\...\{A7037EB2-F953-4B12-B843-195F4D988DA1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
StopUpdates10 versión 2.5.70 (HKLM-x32\...\{C186B659-50F8-4F40-9822-2B1163AAAEF2}_is1) (Version: 2.5.70 - Greatis Software)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VersionSUA358 (HKLM-x32\...\{7E6A0D24-549F-463C-BF6D-4C829ED1896B}) (Version: 3.5.8 - Instituto Mexicano del Seguro Social)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
WinMerge 2.16.2.0 x64 (HKLM\...\WinMerge_is1) (Version: 2.16.2.0 - Thingamahoochie Software)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
¡Solitario! -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-06-28] (Random Salad Games LLC) [MS Ad]
Ajuste de espacio -> C:\Windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-07-30] (Microsoft Corporation)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.19.5.0_x86__kgqvnymyfvs32 [2019-08-20] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1590.2.0_x86__kgqvnymyfvs32 [2019-09-04] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Descubrir la realidad mixta -> C:\Windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-07-30] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-10] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
Novedades para ti -> C:\Windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-07-30] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-10] (CYBERLINKCOM CORP)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-07-30] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-07-30] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-07-30] (ms-resource:PublisherDisplayName)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2019-03-22] (hxxp://winmerge.org) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2019-03-22] (hxxp://winmerge.org) [Archivo no firmado]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2019-03-22] (hxxp://winmerge.org) [Archivo no firmado]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxDTCM.dll [2019-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files\WinMerge\ShellExtensionX64.dll [2019-03-22] (hxxp://winmerge.org) [Archivo no firmado]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-02-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2019-04-13 22:41 - 2019-03-22 00:18 - 000202752 _____ (hxxp://winmerge.org) [Archivo no firmado] C:\Program Files\WinMerge\ShellExtensionX64.dll
2019-07-31 13:29 - 2019-07-31 13:29 - 000031232 _____ (Microsoft) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.P4d3ce419#\02a3c45d55365579e8ecf2f5da83e8c5\Microsoft.Practices.ServiceLocation.ni.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\...\gob.mx -> hxxp://imss.gob.mx
IE trusted site: HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\...\gob.mx -> imss.gob.mx

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-09-29 08:46 - 2019-09-04 18:24 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;c:\Program Files\Microsoft SQL Server\110\Tools\Binn\;c:\Program Files\Microsoft SQL Server\110\DTS\Binn\;c:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\ManagementStudio\;c:\Program Files (x86)\Microsoft SQL Server\110\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04082020102944747\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-254893639-3850501376-1735359704-2724494366-297964045\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "RtlS5Wake"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\...\StartupApproved\Run: => "OneDrive"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{69CFB163-C33A-4292-B421-6255B2EAB548}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{239ABCB5-74F5-40B2-B646-8D09C4EAA1BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{967FE0A0-6A3F-4D43-A0CF-DA7218F4A73E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E275BCBF-53DF-4BB3-B287-983A10E6811C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8AD42AC4-56EF-4B26-A54A-3DF00ECF547A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AA8F08E1-079A-4D69-9ABA-A1AAC17ABCDB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8AE46840-CE58-4138-BC8A-16DE5903BEBD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{45341047-3FAE-4505-A893-6DBA9BCB3B80}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3FE82FB-4943-440B-89C0-EC011407DFE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A788C9F5-24A3-45E9-8D31-00A6B12A854F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A383B20D-2E7B-4624-AB30-7140B950A24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F0B5D1E-4D5B-43DA-B707-DA463E3928F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58098470-27B2-45EB-98AA-A86EEAFDE9C0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FB3DD823-540F-4004-9B4C-5C1D4252380E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4855975B-EBDC-4234-BDDA-DFAB0F52A48B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FF00087B-1288-477E-98F9-FD422DA77715}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{79038F62-32F9-4CFD-9B00-E2D6F184A6CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3B405E0F-F1C9-48BE-BBC1-D601B6A442CC}C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe] => (Block) C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> CONTPAQ i©)
FirewallRules: [UDP Query User{40C666E4-E6D5-4387-AB80-D2788D84F9B5}C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe] => (Block) C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> CONTPAQ i©)
FirewallRules: [TCP Query User{762AB4C0-0711-4941-B5B6-27B85F94F80B}C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe] => (Allow) C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> CONTPAQ i©)
FirewallRules: [UDP Query User{B7F5ADFD-39CE-44DA-AAE3-A5E376BE9F7E}C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe] => (Allow) C:\program files (x86)\compac\nominas\reporteador i\reporteador.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> CONTPAQ i©)
FirewallRules: [TCP Query User{2EC5EC71-6FD6-4BE4-937B-240E463043C6}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{DC2B2AC4-6783-4D66-9CFF-9E782748FCFE}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [Archivo no firmado]
FirewallRules: [{070C1167-2103-4C1D-BBB7-B4591812E604}] => (Allow) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> )
FirewallRules: [{CEF2DE17-DE27-4F99-9946-C97E92CA557C}] => (Allow) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> )
FirewallRules: [{4BE5C95F-7151-40E8-BAA4-0C479174AEC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0F3860F0-67F6-4DEA-922F-DCD93BEEF529}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D979805C-C497-4843-8E90-B3B74DE3E834}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{01E6DE0C-6088-4999-AC2F-FE473680778E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C5838F6C-785F-418B-92E3-09A2E6DBB825}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{842592F4-9D49-4061-9394-70EEA8FFA293}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{57C0EC9E-1D1A-4261-94F5-3FEAAF8D32A1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{90116A9D-48F8-477D-8172-83DA58CFB253}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{0E86FA7F-50BE-4FAF-851F-1AC44E486B69}] => (Allow) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> )
FirewallRules: [{F010CA62-3D7C-4004-800D-DE219433506F}] => (Allow) C:\Program Files (x86)\Compac\Servidor de Licencias\Nominas\AppKeyLicenseServerNOMINAS.exe (COMPUTACION EN ACCION, S.A. DE C.V. -> )
FirewallRules: [{58F90C3D-D3B7-4401-8917-3D99E38EF0B1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{AC28C1C6-CECA-4007-AAEC-C80245D7C1B1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{074EA796-96DA-4BDB-B2D8-76ABEE5EACF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

20-03-2020 14:11:15 Eliminación del paquete de idioma
29-03-2020 17:23:54 Punto de control programado
08-04-2020 10:44:42 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/08/2020 10:42:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (04/07/2020 03:33:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: OUTLOOK.EXE, versión: 15.0.4420.1017, marca de tiempo: 0x506742d6
Nombre del módulo con errores: MSVCR100.dll, versión: 10.0.40219.325, marca de tiempo: 0x4df2bcac
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000003c02a
Identificador del proceso con errores: 0x4a0
Hora de inicio de la aplicación con errores: 0x01d60d1bb76c9009
Ruta de acceso de la aplicación con errores: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\MSVCR100.dll
Identificador del informe: 6848ad39-817f-4fba-b5b6-15d46ea08a00
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (04/08/2020 10:31:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2020 10:30:45 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio avast! Antivirus.

Error: (04/08/2020 10:30:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio avast! Antivirus.

Error: (04/08/2020 10:30:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8AK39I7)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-8AK39I7\Nere con SID (S-1-5-21-1149044093-1192150964-1119913601-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2020 10:29:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2020 10:29:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/07/2020 01:56:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-8AK39I7)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-8AK39I7\Nere con SID (S-1-5-21-1149044093-1192150964-1119913601-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/07/2020 01:48:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}
 y APPID 
{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
 al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


CodeIntegrity:
===================================

Date: 2019-12-31 15:25:11.203
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:25:11.199
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:20:57.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:20:57.672
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:12:30.271
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:12:30.265
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:09:51.350
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-31 15:09:51.347
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: AMI F.08 10/25/2017
Placa base: HP 838B
Procesador: Intel(R) Core(TM) i7-7700T CPU @ 2.90GHz
Porcentaje de memoria en uso: 29%
RAM física total: 12146.08 MB
RAM física disponible: 8558.1 MB
Virtual total: 14002.08 MB
Virtual disponible: 10133.64 MB

==================== Unidades ================================

Drive c: (WINDOWS) (Fixed) (Total:1845.57 GB) (Free:1654.92 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.21 GB) (Free:1.87 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive e: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.24 GB) FAT32
Drive f: () (Removable) (Total:14.7 GB) (Free:14.67 GB) FAT32

\\?\Volume{1761513c-10f1-4a46-9255-decbceda6f56}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.52 GB) NTFS
\\?\Volume{4363d401-e39f-4011-b064-8c106b8ab5a5}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: DEF236D5)

Partition: GPT.

==========================================================
Disk: 1 (Size: 14.7 GB) (Disk ID: 49B4F62C)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=0B)

==========================================================
Disk: 2 (Protective MBR) (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Muchas gracias y espero por los siguientes pasos.

Hola

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {CAA93BEE-99BC-474A-9171-249BB37137B6} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [6086144 2019-04-10] () [Archivo no firmado]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2019-04-10]
FF Extension: (Avast Online Security) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2020-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX/Corregir y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Aquí traigo el reporte de Fixlog.txt:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por Nere (08-04-2020 17:31:58) Run:2
Ejecutado desde C:\Users\Nere\Desktop
Perfiles cargados: Nere & MSSQL$COMPAC (Perfiles disponibles: Nere & MSSQL$COMPAC)
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricci�n <==== ATENCI�N
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
Task: {CAA93BEE-99BC-474A-9171-249BB37137B6} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [6086144 2019-04-10] () [Archivo no firmado]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2019-04-10]
FF Extension: (Avast Online Security) - C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] [2020-03-17]
CHR Extension: (Avast Online Security) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31]
CHR Extension: (Chrome Media Router) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\EOSNOTIFY.EXE => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\InstallAgent.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MusNotification.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\remsh.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SIHClient.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UpdateAssistant.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UsoClient.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WaaSMedic.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WaasMedicAgent.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Windows10Upgrade.exe => eliminado correctamente
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WINDOWS10UPGRADERAPP.EXE => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CAA93BEE-99BC-474A-9171-249BB37137B6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAA93BEE-99BC-474A-9171-249BB37137B6}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AutoKMS => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => eliminado correctamente
C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] => movido correctamente
C:\Users\Nere\AppData\Roaming\Mozilla\Firefox\Profiles\jxxuqifv.default\Extensions\[email protected] => movido correctamente
CHR Extension: (Avast Online Security) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-31] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Chrome Media Router) - C:\Users\Nere\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-31] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1149044093-1192150964-1119913601-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::a498:afaf:751c:f4bd%14
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.105
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 160282791 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 2750064 B
Edge => 10752 B
Chrome => 388958 B
Firefox => 880230542 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1278714299 B
systemprofile32 => 1278714299 B
LocalService => 1278716129 B
NetworkService => 1278716129 B
Nere => 1281534673 B
MSSQL$COMPAC => 1281534673 B

RecycleBin => 0 B
EmptyTemp: => 8.1 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:33:33 ====

Gracias.

Estoy probando la computadora trabajando con ella normalmente, y se me ocurrio hacer una lista de tareas de nuevo en la ventana de comandos y siguen demaciados procesos “svchost.exe”; tengo entendido que es normal que haya varios de estos abiertos pero se me hacen demaciados.

Dejo un log de lo desplegado por la ventana de comandos:

Microsoft Windows [Versión 10.0.17134.950]
(c) 2018 Microsoft Corporation. Todos los derechos reservados.

C:\Users\Nere>tasklist

Nombre de imagen               PID Nombre de sesión Núm. de ses Uso de memor
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         8 KB
System                           4 Services                   0       688 KB
Registry                       120 Services                   0     7,356 KB
smss.exe                       624 Services                   0     1,148 KB
csrss.exe                      860 Services                   0     5,540 KB
wininit.exe                    944 Services                   0     6,584 KB
csrss.exe                      960 Console                    1     5,676 KB
services.exe                  1016 Services                   0    10,624 KB
lsass.exe                      416 Services                   0    16,224 KB
winlogon.exe                   492 Console                    1    10,192 KB
svchost.exe                    468 Services                   0     3,920 KB
fontdrvhost.exe                712 Console                    1     8,612 KB
fontdrvhost.exe                  8 Services                   0     4,228 KB
svchost.exe                   1088 Services                   0    24,436 KB
svchost.exe                   1140 Services                   0    11,892 KB
svchost.exe                   1192 Services                   0     8,028 KB
dwm.exe                       1272 Console                    1    85,996 KB
svchost.exe                   1444 Services                   0    15,144 KB
svchost.exe                   1452 Services                   0    10,656 KB
svchost.exe                   1460 Services                   0     9,628 KB
svchost.exe                   1588 Services                   0     5,988 KB
svchost.exe                   1600 Services                   0     9,192 KB
svchost.exe                   1668 Services                   0     7,924 KB
svchost.exe                   1768 Services                   0    19,708 KB
svchost.exe                   1776 Services                   0     7,928 KB
svchost.exe                   1784 Services                   0    11,152 KB
svchost.exe                   1796 Services                   0    16,736 KB
svchost.exe                   1816 Services                   0     7,012 KB
svchost.exe                   1928 Services                   0    11,588 KB
svchost.exe                    460 Services                   0     8,384 KB
svchost.exe                   1912 Services                   0     5,884 KB
wsc_proxy.exe                 2064 Services                   0     8,936 KB
svchost.exe                   2080 Services                   0   102,412 KB
svchost.exe                   2088 Services                   0     8,044 KB
WUDFHost.exe                  2144 Services                   0     8,144 KB
igfxCUIService.exe            2224 Services                   0     8,356 KB
Memory Compression            2256 Services                   0     3,468 KB
svchost.exe                   2276 Services                   0     7,580 KB
svchost.exe                   2320 Services                   0     6,976 KB
svchost.exe                   2376 Services                   0    11,684 KB
svchost.exe                   2444 Services                   0     6,424 KB
svchost.exe                   2452 Services                   0    12,540 KB
svchost.exe                   2588 Services                   0     9,552 KB
svchost.exe                   2672 Services                   0     7,848 KB
svchost.exe                   2680 Services                   0     7,152 KB
dasHost.exe                   2780 Services                   0    13,080 KB
svchost.exe                   2808 Services                   0    12,304 KB
svchost.exe                   2892 Services                   0    11,892 KB
RtkAudioService64.exe         2976 Services                   0     7,260 KB
svchost.exe                   2720 Services                   0     7,964 KB
svchost.exe                   2504 Services                   0    12,720 KB
svchost.exe                   2852 Services                   0     6,600 KB
svchost.exe                   3132 Services                   0     7,388 KB
svchost.exe                   3216 Services                   0    16,304 KB
svchost.exe                   3320 Services                   0     7,624 KB
RAVBg64.exe                   3352 Console                    1    14,060 KB
svchost.exe                   3372 Services                   0    11,916 KB
AvastSvc.exe                  3380 Services                   0   139,076 KB
wlanext.exe                   3544 Services                   0     7,164 KB
conhost.exe                   3588 Services                   0     8,188 KB
spoolsv.exe                   3776 Services                   0    20,908 KB
svchost.exe                   3840 Services                   0     8,176 KB
AnyDesk.exe                   4024 Services                   0    27,676 KB
svchost.exe                   4036 Services                   0    10,872 KB
IRMTService.exe               4044 Services                   0    10,448 KB
SecUPDUtilSvc.exe             4060 Services                   0     6,412 KB
mDNSResponder.exe             4072 Services                   0     6,524 KB
AppKeyAuthServerNOMINAS.e     4080 Services                   0     7,952 KB
IntelCpHDCPSvc.exe            3068 Services                   0     7,108 KB
svchost.exe                   3280 Services                   0    10,828 KB
SecurityHealthService.exe     3596 Services                   0    15,400 KB
ezSharedSvcHost.exe           3600 Services                   0     7,988 KB
SU10Guard.exe                 3732 Services                   0     8,124 KB
BTDevMgr.exe                  3860 Services                   0     8,948 KB
AppKeyLicenseServerNOMINA     3896 Services                   0    13,140 KB
armsvc.exe                    4108 Services                   0     6,380 KB
saci.exe                      4116 Services                   0   103,180 KB
HPWMISVC.exe                  4136 Services                   0     6,308 KB
svchost.exe                   4144 Services                   0     6,664 KB
svchost.exe                   4160 Services                   0    22,904 KB
svchost.exe                   4172 Services                   0    15,400 KB
sqlwriter.exe                 4180 Services                   0     7,808 KB
TeamViewer_Service.exe        4192 Services                   0    19,396 KB
sqlbrowser.exe                4200 Services                   0     4,520 KB
svchost.exe                   4208 Services                   0     5,664 KB
mqsvc.exe                     4216 Services                   0    13,436 KB
svchost.exe                   4224 Services                   0    19,472 KB
svchost.exe                   4232 Services                   0     6,576 KB
svchost.exe                   4240 Services                   0    11,476 KB
svchost.exe                   4248 Services                   0     7,540 KB
svchost.exe                   4256 Services                   0     9,036 KB
svchost.exe                   4300 Services                   0    24,720 KB
svchost.exe                   4828 Services                   0    11,828 KB
MBAMService.exe               4844 Services                   0    51,856 KB
IntelCpHeciSvc.exe            4976 Services                   0     6,692 KB
svchost.exe                   5048 Services                   0    11,952 KB
svchost.exe                   5076 Services                   0     5,468 KB
svchost.exe                   6376 Services                   0     5,524 KB
sihost.exe                    7144 Console                    1    24,368 KB
svchost.exe                   3060 Console                    1    17,112 KB
PresentationFontCache.exe     1556 Services                   0    21,024 KB
svchost.exe                   4000 Console                    1    31,136 KB
taskhostw.exe                 6492 Console                    1    14,888 KB
svchost.exe                   7232 Services                   0     6,652 KB
explorer.exe                  7408 Console                    1   106,184 KB
igfxEM.exe                    7448 Console                    1    20,512 KB
svchost.exe                   7572 Services                   0     5,972 KB
svchost.exe                   7644 Services                   0    11,872 KB
ShellExperienceHost.exe       7964 Console                    1    71,664 KB
dllhost.exe                   8084 Console                    1     7,652 KB
SearchUI.exe                  8148 Console                    1   128,356 KB
RuntimeBroker.exe             7208 Console                    1    21,592 KB
svchost.exe                   8228 Services                   0    16,868 KB
RuntimeBroker.exe             8432 Console                    1    21,268 KB
svchost.exe                   8632 Services                   0     9,968 KB
SkypeApp.exe                  8736 Console                    1    32,932 KB
SkypeBackgroundHost.exe       8768 Console                    1    11,652 KB
ctfmon.exe                    8908 Console                    1    13,756 KB
TabTip.exe                    8920 Console                    1    15,012 KB
RuntimeBroker.exe             6868 Console                    1    14,832 KB
SearchIndexer.exe             9304 Services                   0    41,028 KB
mbamtray.exe                  9376 Console                    1    37,380 KB
MSASCuiL.exe                  9784 Console                    1     9,468 KB
AnyDesk.exe                   9936 Console                    1    25,796 KB
AvastUI.exe                  10172 Console                    1    69,336 KB
RuntimeBroker.exe            10160 Console                    1    14,752 KB
RtkNGUI64.exe                 9432 Console                    1     1,048 KB
aswEngSrv.exe                 9664 Services                   0    29,324 KB
svchost.exe                   9184 Services                   0     9,872 KB
svchost.exe                   7456 Console                    1    11,880 KB
svchost.exe                   9708 Services                   0    10,204 KB
jhi_service.exe               9316 Services                   0     6,548 KB
sqlservr.exe                  9440 Services                   0    89,260 KB
sedsvc.exe                    4400 Services                   0     8,260 KB
SgrmBroker.exe                2116 Services                   0     4,808 KB
Microsoft.Photos.exe          7652 Console                    1    41,088 KB
RuntimeBroker.exe             5620 Console                    1    30,848 KB
svchost.exe                   9776 Services                   0     8,564 KB
AnyDesk.exe                   6764 Console                    1   252,900 KB
ApplicationFrameHost.exe      2600 Console                    1    29,280 KB
MicrosoftEdge.exe             4668 Console                    1    51,280 KB
browser_broker.exe            6780 Console                    1     9,216 KB
RuntimeBroker.exe             9848 Console                    1     7,144 KB
MicrosoftEdgeCP.exe           2692 Console                    1    23,000 KB
MicrosoftEdgeCP.exe            360 Console                    1    25,332 KB
SystemSettings.exe            4560 Console                    1    45,160 KB
RuntimeBroker.exe             6996 Console                    1    21,904 KB
SearchProtocolHost.exe        9688 Console                    1     7,796 KB
SearchFilterHost.exe         10880 Services                   0     6,204 KB
smartscreen.exe               6472 Console                    1    22,164 KB
cmd.exe                      10328 Console                    1     3,288 KB
conhost.exe                   7184 Console                    1    14,240 KB
tasklist.exe                  5616 Console                    1     7,604 KB
WmiPrvSE.exe                  7924 Services                   0     8,576 KB

Muchas gracias.

Hola

Si, es normal que haya tantos procesos abiertos

Comenta si estarían resueltas las dudas.

Un saludo