Mi pc se congela cuando navego

#1

Buen día llevo una semana que cuando abro Chrome o firefox mi pc se congela y el consumo se va al 100%. Ya le pasé el CCleaner y el Malwarebytes Anti-Malware y lo que envió a cuarentena lo mande a eliminar. Era esto: " PUP.Optional.Catalina"

Pensé que con eso ya se iba a solucionar el problema y continua igual o tal vez peor

Tengo sistema operativo win 7 32 Instalado el AVASt como antivirus y el zoneAlarm como firewall

Gracias por la ayuda que me puedan dar

#2

Realiza lo siguiente:

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.


#3

Gracias Miguel Ya listo los reportes texto preformateado precedido por 4 espacios

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-05-2019
Ran by RA (administrator) on RA1 (ECS H55H-CM) (04-05-2019 10:24:50)
Running from C:\Users\RA\Desktop
Loaded Profiles: RA (Available Profiles: RA)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\RA\Desktop\EditPad.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Corel Corporation -> ) C:\Windows\System32\PSIService.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Nalpeiron Ltd.) [File not signed] C:\Windows\System32\ASTSRV.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Protexis Inc. -> Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(ZTE CORPORATION -> ) C:\ProgramData\ZDSupport\ZDServ\CancelAutoPlay_Server.exe
(ZTE CORPORATION -> ) C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [1377752 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [{54E12E9A-2265-4895-AD5B-EE20C37E3D63}] => C:\Program Files\Claro 3G\UUShell.exe [122112 2014-09-09] (ZTE CORPORATION -> )
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [146800 2018-07-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\...\Run: [ZaAntiRansomware] => C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4226928 2019-02-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [531272 2007-08-28] (Corel Corporation -> Corel, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [225672 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7173848 2016-12-21] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8065456 2019-04-12] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\...\MountPoints2: {00359afe-7fc2-11e8-bba5-1078d2843396} - E:\Windows\AutoRun.exe
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\...\MountPoints2: {00359b11-7fc2-11e8-bba5-1078d2843396} - E:\Windows\AutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-10-28]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk /r \??\C:autocheck autochk * 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0244CD49-29C1-4F0D-BBC9-D931DDA1C654} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7173848 2016-12-21] (Piriform Ltd -> Piriform Ltd)
Task: {0A6C9DCF-F64E-4594-BE15-1F4CFF91FDE9} - System32\Tasks\Avast Cleanup Update => C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {1742B0A9-A017-4A31-B33F-1A0ADFFEFE67} - System32\Tasks\{17E72E3C-E23F-44A9-B831-030BC5E99CC0} => C:\Windows\system32\pcalua.exe -a "C:\ROSA TODOS\PAINTSHOP PRO\pluggins\+ instalando\sbpsetup140.exe" -d "C:\ROSA TODOS\PAINTSHOP PRO\pluggins\+ instalando"
Task: {2A27228A-9C9D-486A-9E3B-F42122005500} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4205097835-220730537-2927603946-1000
Task: {31FAAC09-417C-45C3-B1CD-8A090AC99169} - System32\Tasks\{B0EFE7C5-7636-4D9C-A449-96B864F2CBB4} => C:\Users\RA\AppData\Local\Gtarcade\app\GTarcade.exe
Task: {32F43902-EE98-4A36-B0D4-01ECD62C14EC} - System32\Tasks\{46A01B35-EDAF-4A08-9CBF-54865CE3FBBE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2 - Installation Files\setup.exe" -d "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2 - Installation Files"
Task: {40C40F67-C46F-4692-B1B4-BD2A8E122CE2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1951312 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {4BD0FEF7-9BDF-413D-AFBF-60703318422E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156456 2019-05-02] (Google Inc -> Google LLC)
Task: {4EDBEDB6-47E5-49E8-B5DD-ED9F151EFEC3} - System32\Tasks\{A0A38803-F567-425A-84B7-B0B7E518A2B5} => C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe [3675976 2008-09-07] (Corel Corporation -> Corel, Inc.) [File not signed]
Task: {78AA6463-6900-4BF9-9FD6-794318FFDD76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156456 2019-05-02] (Google Inc -> Google LLC)
Task: {943A4B7A-644B-43DA-9AB3-11DBFFAFB277} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
Task: {9CCE6E57-5146-4991-AA84-2BAE66B801CA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2385800 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {ACBAF8DB-0DBF-4AA6-9B0F-CB34ED8E9B47} - System32\Tasks\{C206821E-D1D6-4225-BBF1-A06B00195717} => C:\Users\RA\AppData\Local\Gtarcade\app\GTarcade.exe
Task: {C201BEF2-FDED-4938-A385-D8C9E393A35D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {D36AA111-7BB5-4687-B736-81C14DC6B43A} - System32\Tasks\{06F9049B-19A6-4FE6-9E8C-21F2A869A286} => C:\Users\RA\AppData\Local\Gtarcade\app\GTarcade.exe
Task: {E90B7A25-138F-4DF0-9AAA-14C558F4510D} - System32\Tasks\{4700CBAF-4D1F-4E05-90F4-B0F75E992F3A} => C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe [3675976 2008-09-07] (Corel Corporation -> Corel, Inc.) [File not signed]
Task: {EDAEA6C1-14D4-44E3-BEE7-75E3B76AC867} - System32\Tasks\{2FBA1665-1570-4BD6-92AD-0651E6F9EDCA} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe"
Task: {F148B608-AE93-4568-9D20-4F4B8688BC41} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {F7744858-77D9-47B2-AD02-126499029153} - System32\Tasks\Opera scheduled Autoupdate 1536968952 => C:\Users\RA\AppData\Local\Programs\Opera\launcher.exe [1235032 2019-01-09] (Opera Software AS -> Opera Software)
Task: {FB7BD3AB-0E10-461F-AF2C-4554D90B2BF1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.109.78.12 200.44.32.12
Tcpip\..\Interfaces\{0F63CEC4-6495-48E0-905D-E4DCDB151F76}: [DhcpNameServer] 200.109.78.12 200.44.32.12
Tcpip\..\Interfaces\{DC2264C3-0F7A-458F-85D3-C43DD86B07F8}: [DhcpNameServer] 186.166.131.59 186.24.222.196

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4205097835-220730537-2927603946-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) [File not signed]

FireFox:
========
FF DefaultProfile: byy9mu6n.default
FF ProfilePath: C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default [2019-05-04]
FF Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2019-03-09]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2017-09-27] [Legacy]
FF Extension: (AdBlock) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2019-05-03]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2019-05-03]
FF Extension: (Touch VPN) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2019-03-05]
FF Extension: (Avast Online Security) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\[email protected] [2019-05-03]
FF Extension: (UnMHT) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\Extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2017-10-18] [Legacy]
FF Extension: (Baidu Search Update) - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\byy9mu6n.default\features\{dca8297b-be3f-4863-83e1-402bb1fd7e2b}\[email protected] [2019-05-03]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2018-09-16] [Legacy] [not signed]
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default [2019-05-04]
CHR Extension: (Presentaciones) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-02]
CHR Extension: (Documentos) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-02]
CHR Extension: (Google Drive) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-02]
CHR Extension: (Touch VPN) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2019-05-02]
CHR Extension: (YouTube) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-02]
CHR Extension: (Traducir Texto Seleccionado) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbimffnjoeobhjhochngikepgfejjmgj [2019-05-02]
CHR Extension: (ZenMate VPN - Mejor seguridad para Internet) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2019-05-02]
CHR Extension: (Hojas de cálculo) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-02]
CHR Extension: (AdBlock) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-02]
CHR Extension: (Avast Online Security) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-02]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-05-02]
CHR Extension: (Farmtown Flash Enabler) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiaaidojlpkackffhmogpjgofcnjmclp [2019-05-02]
CHR Extension: (AutoMute) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjcdcbhfpjkcjinohfaaihpcmpnpmpie [2019-05-02]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-02]
CHR Extension: (Gmail) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-02]
CHR Extension: (RightToCopy) - C:\Users\RA\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2019-05-02]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ASTSRV; C:\Windows\system32\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5398416 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [333392 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe [10227280 2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
R2 CPEFR; C:\Program Files\CheckPoint\Endpoint Security\EFR\EFRService.exe [2760440 2019-02-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-02-17] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-02-17] (Check Point Software Technologies Ltd. -> )
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [930240 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S4 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [10000464 2018-10-27] (Gramblr -> ) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2904000 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016704 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] (Corel Corporation -> )
R2 RemediationService; C:\Program Files\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-01-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 TESvc; C:\Program Files\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [319736 2019-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [4292984 2018-07-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files\CheckPoint\ICM\ICM-Service-NET.exe [56688 2018-04-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [50032 2019-02-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2018-07-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
R2 ZDServ; C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe [432384 2014-09-09] (ZTE CORPORATION -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [172424 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220128 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [158240 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [255360 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [51264 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40904 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [138480 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [388472 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101200 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73008 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783232 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403408 2019-04-12] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [165464 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [48152 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312464 2019-05-02] (AVAST Software s.r.o. -> AVAST Software)
S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [218720 2018-02-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [54024 2018-07-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [91840 2019-01-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [90008 2014-12-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [94592 2018-12-24] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [90888 2018-06-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files\CheckPoint\Endpoint Security\Endpoint Common\Bin\ISWKL.sys [57584 2018-03-11] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 massfilter; C:\Windows\System32\DRIVERS\ztembbmassfilter.sys [11776 2012-11-22] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
S3 mtkmbim6.2; C:\Windows\System32\DRIVERS\mtkmbim7.sys [173568 2012-12-15] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26048 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [50744 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [112096 2011-11-14] (Power Software Ltd -> Power Software Ltd)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [184216 2014-12-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [365496 2018-07-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdf_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [69120 2012-12-14] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [69120 2012-12-14] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
U1 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 10:24 - 2019-05-04 10:25 - 000029705 _____ C:\Users\RA\Desktop\FRST.txt
2019-05-04 10:23 - 2019-05-04 10:24 - 000000000 ____D C:\FRST
2019-05-04 10:17 - 2019-05-04 10:18 - 001788928 _____ (Farbar) C:\Users\RA\Desktop\FRST.exe
2019-05-04 10:15 - 2019-05-04 10:15 - 000001048 _____ C:\Users\RA\Desktop\sdddff.txt
2019-05-04 09:35 - 2019-05-04 09:37 - 007025360 _____ (Malwarebytes) C:\Users\RA\Desktop\adwcleaner_7.3.exe
2019-05-04 09:19 - 2019-05-04 09:19 - 000000299 _____ C:\Users\RA\Desktop\Chequear_ Disco_Windows.bat
2019-05-04 08:31 - 2019-05-04 08:37 - 000000000 ___RD C:\Users\RA\Documents\MEGA
2019-05-04 08:29 - 2019-05-04 08:29 - 000000000 ____D C:\Users\RA\AppData\Local\Mega Limited
2019-05-04 08:27 - 2019-05-04 08:46 - 029150648 _____ (MEGA Limited) C:\Users\RA\Desktop\MEGAsyncSetup.exe
2019-05-03 15:48 - 2019-05-03 15:48 - 252298628 _____ C:\Windows\MEMORY.DMP
2019-05-03 15:48 - 2019-05-03 15:48 - 000160776 _____ C:\Windows\Minidump\050319-10654-01.dmp
2019-05-03 12:01 - 2019-05-03 12:01 - 000056014 _____ C:\Users\RA\Downloads\CLORURO DE MAGNESIO -w oshar com 6.pdf
2019-05-03 12:00 - 2019-05-03 12:04 - 011675047 _____ C:\Users\RA\Downloads\1a- La Rueda Medicinal 216.pdf
2019-05-03 11:59 - 2019-05-03 12:03 - 000841222 _____ C:\Users\RA\Downloads\Nuestros Animales Ocultos -w angelred com 126.pdf
2019-05-03 11:58 - 2019-05-03 12:01 - 004828459 _____ C:\Users\RA\Downloads\1b- Las Cartas de la Medicina 53.pdf
2019-05-03 11:43 - 2019-05-03 12:03 - 220845225 _____ C:\Users\RA\Downloads\rebelion_en_la_granja_george_orwell_completa.mp4
2019-05-03 05:49 - 2019-05-03 05:49 - 000003288 ____N C:\bootsqm.dat
2019-05-02 20:51 - 2019-05-02 20:51 - 005748152 _____ (Check Point Software Technologies Ltd.) C:\Users\RA\Downloads\zaSetupWeb_156_028_18012.exe
2019-05-02 13:52 - 2019-05-02 14:04 - 081284120 _____ C:\Users\RA\Downloads\madonna_maluma_medellin_billboard_music_awards_.mp4
2019-05-02 13:36 - 2019-05-02 13:42 - 064968385 _____ C:\Users\RA\Downloads\gian_marco_sacala_a_bailar.mp4
2019-05-02 13:12 - 2019-05-02 13:13 - 089387488 _____ C:\Users\RA\Downloads\gian_marco_sacala_a_bailar.mp4.crdownload
2019-05-02 12:09 - 2019-05-02 12:09 - 000003565 _____ C:\Users\RA\Desktop\sffgdgg.yxy.txt
2019-05-02 12:00 - 2019-05-02 12:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-02 12:00 - 2019-05-02 12:00 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-02 11:43 - 2019-05-02 12:17 - 000003658 _____ C:\Users\RA\Desktop\Rkill.txt
2019-05-02 11:27 - 2019-05-02 11:31 - 000000238 _____ C:\Windows\ntbtlog.txt
2019-05-02 06:43 - 2019-05-02 06:43 - 000002003 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2019-05-02 06:43 - 2019-05-02 06:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-05-02 06:26 - 2019-04-11 10:48 - 000311176 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-02 02:15 - 2019-05-02 02:17 - 017208138 _____ C:\Users\RA\Downloads\Pan de Pita fácil y rápido - EN SOLO 1 HORA.mp4
2019-05-02 01:41 - 2019-05-02 01:41 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 01:41 - 2019-05-02 01:41 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-02 01:22 - 2019-05-02 01:22 - 001214008 _____ (Google LLC) C:\Users\RA\Downloads\ChromeSetup.exe
2019-05-01 09:50 - 2019-05-01 09:50 - 000000189 _____ C:\Users\RA\Desktop\salmos.txt
2019-05-01 09:13 - 2019-05-01 09:14 - 005747696 _____ (Check Point Software Technologies Ltd.) C:\Users\RA\Downloads\zafwSetupWeb_156_028_18012.exe
2019-04-30 13:24 - 2019-04-30 13:24 - 000082895 _____ C:\Users\RA\Downloads\251c5715-23a9-4786-9b25-bef133d4a2b8.tmp
2019-04-29 12:18 - 2019-04-29 12:18 - 000522224 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 23:01 - 2019-04-27 23:01 - 000263812 _____ C:\Users\RA\Downloads\¿Cómo se potabiliza el agua_.html
2019-04-27 23:01 - 2019-04-27 23:01 - 000000000 ____D C:\Users\RA\Downloads\¿Cómo se potabiliza el agua__files
2019-04-26 10:43 - 2019-04-26 10:56 - 113321218 _____ C:\Users\RA\Downloads\manuel_carrasco_que_bonito_es_querer_.mp4
2019-04-25 19:44 - 2019-04-25 19:52 - 083575380 _____ C:\Users\RA\Downloads\lola_indigo_lalo_ebratt_maldicion.mp4
2019-04-25 07:21 - 2019-04-25 07:21 - 000000000 ____D C:\Users\Public\BlueStacks
2019-04-25 04:55 - 2019-04-25 05:06 - 110082141 _____ C:\Users\RA\Downloads\agua_gelical_el_agua_de_vida_como_prepararla_luis_antonio_melon_gomez_.mp4
2019-04-24 14:24 - 2019-04-24 14:25 - 011061801 _____ C:\Users\RA\Downloads\Fotos kaeina drive-download-20190424T182406Z-001.zip
2019-04-24 14:12 - 2019-04-24 14:21 - 000000000 ____D C:\Users\RA\Downloads\cartas
2019-04-24 14:09 - 2019-04-24 14:14 - 019844544 _____ C:\Users\RA\Downloads\Inwo cards complet cartas completo.rar
2019-04-24 12:41 - 2019-04-24 12:41 - 000445827 _____ C:\Users\RA\Downloads\VISIONES LUCIDAS_ ILLUMINATI, EL JUEGO DE CARTAS (TODAS LAS CARTAS + FOTO).html
2019-04-24 12:41 - 2019-04-24 12:41 - 000000000 ____D C:\Users\RA\Downloads\VISIONES LUCIDAS_ ILLUMINATI, EL JUEGO DE CARTAS (TODAS LAS CARTAS + FOTO)_files
2019-04-24 12:32 - 2019-04-24 12:32 - 001164762 _____ C:\Users\RA\Downloads\illuminati cartas en español NWO similitudes - Paranormal en Taringa!.html
2019-04-24 12:32 - 2019-04-24 12:32 - 000000000 ____D C:\Users\RA\Downloads\illuminati cartas en español NWO similitudes - Paranormal en Taringa!_files
2019-04-24 11:26 - 2019-04-24 11:26 - 000318025 _____ C:\Users\RA\Downloads\Illuminati, el Juego de Cartas (TODAS las Cartas + Foto) – LA REVOLUCIÓN PACÍFICA.html
2019-04-24 11:26 - 2019-04-24 11:26 - 000000000 ____D C:\Users\RA\Downloads\Illuminati, el Juego de Cartas (TODAS las Cartas + Foto) – LA REVOLUCIÓN PACÍFICA_files
2019-04-22 05:02 - 2019-04-22 05:02 - 003071939 _____ C:\Users\RA\Downloads\Lacalle Raquel - Los símbolos de la prehistoria.epub
2019-04-22 04:00 - 2019-04-22 04:00 - 002357507 _____ C:\Users\RA\Downloads\manual practico de conversacion arabe romanizado -español.pdf
2019-04-21 03:43 - 2019-04-21 04:13 - 088286436 _____ C:\Users\RA\Downloads\Backstreet Boys - DNA - 2019, FLAC.zip
2019-04-21 00:08 - 2019-04-21 00:08 - 015727949 _____ C:\Users\RA\Downloads\cuaderno1.pdf
2019-04-20 23:59 - 2019-04-20 23:59 - 000022937 _____ C:\Users\RA\Downloads\tcl1c.swf
2019-04-20 23:58 - 2019-04-20 23:58 - 000747715 _____ C:\Users\RA\Downloads\swfdata.swf
2019-04-20 23:57 - 2019-04-20 23:57 - 000161137 _____ C:\Users\RA\Downloads\autobus-palabras.swf
2019-04-19 10:30 - 2019-04-19 10:32 - 021467595 _____ C:\Users\RA\Downloads\chuchuwa_canciones_infantiles.mp4
2019-04-19 09:52 - 2019-04-19 10:06 - 146116561 _____ C:\Users\RA\Downloads\CAPERUCITA ROJA - cuento infantil.mp4
2019-04-19 01:35 - 2019-04-19 01:42 - 074641217 _____ C:\Users\RA\Downloads\wetransfer-8fe06a.zip
2019-04-19 01:21 - 2019-04-19 01:21 - 003910646 _____ C:\Users\RA\Downloads\AprendeaConfiarenTiMismoyRecuperaTuAutoestimaCursoCompleto320.pdf
2019-04-19 01:20 - 2019-04-19 01:20 - 001900967 _____ C:\Users\RA\Downloads\El Manual De La Técnica Alexander (Richard Brennan).pdf
2019-04-19 01:18 - 2019-04-19 01:18 - 001900967 _____ C:\Users\RA\Downloads\manual-de-la-tecnica-alexander-richard-brennanpdf.pdf
2019-04-19 00:57 - 2019-04-19 01:00 - 028521395 _____ C:\Users\RA\Downloads\wetransfer-3b8e42.zip
2019-04-18 15:33 - 2019-04-18 15:35 - 003651139 _____ C:\Users\RA\Downloads\Alexander Technique INGLES 159.pdf
2019-04-18 15:11 - 2019-04-18 15:11 - 000056481 _____ C:\Users\RA\Downloads\8-FyGD3I.jpg_large
2019-04-16 20:32 - 2019-04-16 20:34 - 000000000 ____D C:\Users\RA\Downloads\mandalas
2019-04-16 03:38 - 2019-04-16 03:39 - 018892192 _____ (AVAST Software) C:\Users\RA\Downloads\avast_secureline_setup.exe
2019-04-16 00:46 - 2019-05-03 11:40 - 000000000 ____D C:\Users\RA\Downloads\libros
2019-04-15 17:17 - 2019-04-15 17:17 - 000368781 _____ C:\Users\RA\Downloads\Duele ver estas imágenes de NotreDame engullida por el fuego.mp4
2019-04-14 22:35 - 2019-04-14 22:35 - 000183639 _____ C:\Users\RA\Downloads\tecnica para crecer el cbello.html
2019-04-14 22:35 - 2019-04-14 22:35 - 000000000 ____D C:\Users\RA\Downloads\tecnica para crecer el cbello_files
2019-04-13 01:19 - 2019-04-13 01:34 - 055741879 _____ C:\Users\RA\Downloads\Como Dibujar una Marina con Lapiz muy Facil y Paso a Paso.mp4
2019-04-12 14:49 - 2019-04-12 14:49 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-12 12:56 - 2019-04-12 12:56 - 000043719 _____ C:\Users\RA\Downloads\El Pollo.mp4
2019-04-12 03:53 - 2019-04-12 06:06 - 000000000 ____D C:\Users\RA\Downloads\torta sin horno
2019-04-11 10:48 - 2019-05-02 06:42 - 000312464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-11 10:48 - 2019-04-12 14:49 - 000403408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000783232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000388472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000255360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000220128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000172424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000165464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000158240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000138480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000101200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000073008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000051264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000040904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-11 10:48 - 2019-04-11 10:48 - 000036104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2019-04-08 18:54 - 2019-04-08 18:58 - 009281897 _____ C:\Users\RA\Downloads\concuerto en la llanura.mp4
2019-04-04 03:55 - 2019-04-04 03:55 - 000009808 _____ C:\Users\RA\Downloads\degradado primer plano gradientiCorelx.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 10:06 - 2009-07-14 00:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-04 10:06 - 2009-07-14 00:34 - 000021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-04 09:58 - 2017-06-04 16:22 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-04 09:58 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-04 09:31 - 2017-06-12 18:29 - 000000000 ____D C:\Users\RA\Desktop\oraciones TUITER
2019-05-04 08:24 - 2017-06-04 20:27 - 000000000 ____D C:\Users\RA\AppData\LocalLow\Mozilla
2019-05-04 07:55 - 2018-10-15 17:53 - 000007623 _____ C:\Users\RA\AppData\Local\Resmon.ResmonCfg
2019-05-04 06:29 - 2017-06-04 19:22 - 000000000 ____D C:\Users\RA\Desktop\TAZATE
2019-05-04 05:53 - 2017-12-31 16:02 - 000000000 ____D C:\Users\RA\Downloads\martin driver
2019-05-03 22:31 - 2017-09-11 08:32 - 000000000 ____D C:\Users\RA\AppData\Local\CrashDumps
2019-05-03 21:26 - 2017-06-13 10:58 - 000000000 ____D C:\Users\RA\AppData\Local\Corel
2019-05-03 21:26 - 2017-06-13 10:40 - 000000000 ____D C:\Users\RA\Documents\My PSP Files
2019-05-03 15:48 - 2017-11-13 15:59 - 000000000 ____D C:\Windows\Minidump
2019-05-03 05:50 - 2018-10-20 22:58 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-05-03 01:15 - 2018-10-28 02:29 - 000000000 ____D C:\Users\RA\AppData\Local\AVAST Software
2019-05-02 20:18 - 2017-06-04 16:21 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-05-02 13:28 - 2009-07-14 00:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-02 12:08 - 2018-02-08 12:15 - 000000000 ____D C:\Program Files\B1 Free Archiver
2019-05-02 11:56 - 2018-07-07 02:11 - 000000000 ____D C:\Users\RA\Desktop\Nueva carpeta
2019-05-02 11:31 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-05-02 02:27 - 2019-03-04 06:20 - 000000000 ____D C:\Users\RA\Downloads\receta
2019-05-02 01:41 - 2019-03-21 10:51 - 000000000 ____D C:\Program Files\Google
2019-04-30 14:20 - 2019-02-07 01:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGamePick
2019-04-30 14:20 - 2019-02-07 01:14 - 000000000 ____D C:\Program Files\FreeGamePick
2019-04-30 14:18 - 2018-10-28 02:16 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-29 00:11 - 2017-06-04 21:39 - 000000000 ____D C:\Users\RA\AppData\Roaming\vlc
2019-04-29 00:06 - 2018-07-28 11:49 - 000001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-04-28 23:56 - 2018-12-13 14:45 - 000000000 ____D C:\Users\RA\Downloads\LOCHY
2019-04-28 23:55 - 2018-10-16 15:26 - 000000000 ____D C:\GUARDAR
2019-04-28 05:48 - 2017-09-22 02:26 - 000000000 _____ C:\Windows\system32\last.dump
2019-04-28 05:40 - 2017-06-04 11:58 - 000000000 ____D C:\Users\RA
2019-04-28 00:35 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-28 00:34 - 2019-01-10 10:50 - 000000000 ____D C:\Program Files\Claro 3G
2019-04-28 00:34 - 2017-06-23 05:48 - 000000000 ____D C:\Users\RA\AppData\Roaming\Stellarium
2019-04-28 00:34 - 2017-06-04 20:39 - 000000000 ___RD C:\Users\RA\Desktop\Photoshop cs5
2019-04-28 00:34 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
2019-04-28 00:34 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\registration
2019-04-26 14:05 - 2018-10-29 00:30 - 000000595 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2019-04-18 04:37 - 2017-06-13 05:48 - 000000000 ____D C:\Users\RA\Desktop\CODIGOS SAGRADOS
2019-04-18 02:26 - 2018-12-17 11:54 - 000000000 ____D C:\Users\RA\Downloads\mabel
2019-04-17 02:53 - 2017-06-19 12:30 - 000000000 ____D C:\Plugins
2019-04-12 20:20 - 2017-06-20 12:58 - 000000000 ____D C:\Users\RA\AppData\Local\ElevatedDiagnostics
2019-04-11 10:50 - 2018-10-28 02:29 - 000000000 ____D C:\Users\RA\AppData\Roaming\AVAST Software
2019-04-11 10:38 - 2018-10-28 02:17 - 000000000 ____D C:\Program Files\AVAST Software
2019-04-07 00:49 - 2019-03-28 22:21 - 000000000 ____D C:\Users\RA\AppData\Roaming\Jewel Match 3
2019-04-06 13:34 - 2019-03-09 07:27 - 000000000 ____D C:\Users\RA\Downloads\avast
2019-04-06 02:24 - 2017-06-04 19:23 - 000000000 ____D C:\Users\RA\Desktop\Intalando

==================== Files in the root of some directories =======

2018-10-15 17:53 - 2019-05-04 07:55 - 000007623 _____ () C:\Users\RA\AppData\Local\Resmon.ResmonCfg
2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\RA\AppData\Local\setup.txt
2017-06-18 14:04 - 2017-06-18 14:04 - 000000000 _____ () C:\Users\RA\AppData\Local\{54C679D3-E250-4D19-8B05-105A919A621D}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-29 22:10
==================== End of FRST.txt ============================
#4
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-05-2019
Ran by RA (04-05-2019 10:25:50)
Running from C:\Users\RA\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2017-06-04 15:58:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4205097835-220730537-2927603946-500 - Administrator - Disabled)
Invitado (S-1-5-21-4205097835-220730537-2927603946-501 - Limited - Disabled)
RA (S-1-5-21-4205097835-220730537-2927603946-1000 - Administrator - Enabled) => C:\Users\RA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {3EB84D8C-4821-F4B8-2DD8-2831FAA29B21}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abrMate version 1.1 (HKLM\...\abrMate_is1) (Version: 1.1 - )
Actualización de NVIDIA 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português (HKLM\...\{AC76BA86-1040-7D70-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
Alien Skin Xenofex 2.0 (HKLM\...\Xenofex2) (Version:  - )
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AV Bros. Page Curl 1.2 (Remove Only) (HKLM\...\AVBrosPageCurl) (Version:  - )
Avast Cleanup Premium (HKLM\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7102 - AVAST Software)
Avast Premier (HKLM\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Aztec Bricks (HKLM\...\Aztec Bricks_is1) (Version:  - FreeGamePick)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Check Point SBA (HKLM\...\{0FA23369-F747-4C6B-A723-ABC0D70D0729}) (Version: 86.5.6104 - Check Point Software Technologies Ltd.) Hidden
Claro 3G (HKLM\...\{54E12E9A-2265-4895-AD5B-EE20C37E3D63}) (Version: 1.0.0.1 - )
Color Efex Pro 3.0 Complete (HKLM\...\Color Efex Pro 3.0 Complete) (Version: 3.1.0.0 - Nik Software, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version:  - )
Filters Unlimited 2.0 (HKLM\...\Filters Unlimited_is1) (Version:  - )
Fishdom (HKLM\...\Fishdom_is1) (Version:  - FreeGamePick)
FM Patcher 1.01 (HKLM\...\FM Patcher_is1) (Version:  - AFH Systems & The Plugin Site)
GML Matting 0.3 (HKLM\...\GML Matting_is1) (Version: 0.3 - GML Computer Vision Group)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.154 - Gramblr Team)
Intel(R) Network Connections 14.6.9.0 (HKLM\...\PROSetDX) (Version: 14.6.9.0 - Intel)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Jewel Match 3 (HKLM\...\Jewel Match 3_is1) (Version:  - FreeGamePick)
Mahjong Infinity 2 (HKLM\...\Mahjong Infinity 2_is1) (Version:  - FreeGamePick)
Mahjong Revealed (HKLM\...\Mahjong Revealed_is1) (Version:  - FreeGamePick)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PRO) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 65.0.2 (x86 es-ES) (HKLM\...\Mozilla Firefox 65.0.2 (x86 es-ES)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Mozilla Thunderbird 60.5.0 (x86 es-ES) (HKLM\...\Mozilla Thunderbird 60.5.0 (x86 es-ES)) (Version: 60.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nik Collection (HKLM\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Controlador de 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Opera Stable 57.0.3098.116 (HKU\S-1-5-21-4205097835-220730537-2927603946-1000\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Outlook Express 6 (HKLM\...\Outlook Express 6) (Version:  - )
PakMan 2008 (HKLM\...\PakMan 2008_is1) (Version:  - FreeGamePick)
Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Pillars of Hercules (HKLM\...\Pillars of Hercules_is1) (Version:  - FreeGamePick)
Plugin Commander Light (HKLM\...\Plugin Commander Light) (Version:  - )
PowerISO (HKLM\...\PowerISO) (Version: 4.9 - Power Software Ltd)
PrimoPDF (HKLM\...\PrimoPDF3.1) (Version: 3.1 - activePDF)
PrimoPDF Redistribution Package (HKLM\...\{885744A4-1A01-44B0-858A-0AE6738CBCF7}) (Version: 1.0.0.0 - activePDF, Inc.)
Royal Gems (HKLM\...\Royal Gems_is1) (Version:  - FreeGamePick)
Sakura Day Mahjong (HKLM\...\Sakura Day Mahjong_is1) (Version:  - FreeGamePick)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Silver Tale (HKLM\...\Silver Tale_is1) (Version:  - FreeGamePick)
Skype versión 8.39 (HKLM\...\Skype_is1) (Version: 8.39 - Skype Technologies S.A.)
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1260 - SUPERAntiSpyware.com)
Supercow (HKLM\...\Supercow_is1) (Version:  - FreeGamePick)
Tatris 2008 (HKLM\...\Tatris 2008_is1) (Version:  - FreeGamePick)
Treasures Of The Deep (HKLM\...\Treasures Of The Deep_is1) (Version:  - FreeGamePick)
Ulead GIF-X.Plugin 2.0 (HKLM\...\Ulead GIF-X.Plugin 2.0) (Version:  - )
Ulead Particle.Plugin 1.0 (HKLM\...\Ulead Particle.Plugin 1.0) (Version:  - )
Utilidad Intel(R) para identificación de procesadores (HKLM\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Vizros Plug-ins 4.1 (HKLM\...\Vizros Plug-ins 4.1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
ZDServer (HKLM\...\{C8197F5F-E0DC-44f1-8AF2-1AA5A84F695D}) (Version: 1.0.1.2 - ZTE Corporation)
ZoneAlarm Anti-Ransomware (HKLM\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.1023 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM\...\{5D85D4B6-C7AE-47B7-A420-BE0717D77C1C}) (Version: 15.3.062.17721 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 15.3.062.17721 - Check Point)
ZoneAlarm Security (HKLM\...\{0053A144-34D7-4832-B61F-7E6EAC0B3C1C}) (Version: 15.3.062.17721 - Check Point Software Technologies Ltd.) Hidden
ZTE Mobile Broadband Device Drivers 1.0.0.17 (HKLM\...\{9194B665-5134-4B6B-AD73-A5292CB072D3}_is1) (Version:  - ZTE)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2011-11-14] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\RA\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2011-11-14] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu.dll [2010-11-15] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2011-11-14] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2018-07-09 23:26 - 2018-07-09 23:26 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files\CheckPoint\ZoneAlarm\dbghelp.dll
2010-11-15 21:04 - 2010-11-15 21:04 - 000336384 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenu.esp
2018-03-11 11:37 - 2003-06-18 17:31 - 000017920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mdimon.dll
2017-06-04 12:14 - 2006-12-11 17:12 - 000176235 _____ () [File not signed] C:\Windows\System32\Primomonnt.dll
2018-03-11 11:37 - 2003-06-18 17:31 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll
2018-05-02 04:18 - 2008-05-19 12:13 - 000057344 _____ (Nalpeiron Ltd.) [File not signed] C:\Windows\system32\ASTSRV.EXE
2019-02-26 15:10 - 2019-02-26 15:10 - 001018368 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\EFR\System.Data.SQLite.dll
2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2018-10-24 17:27 - 2016-11-14 08:35 - 001157000 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2019-02-26 19:47 - 2019-02-26 19:47 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2016-12-21 13:49 - 2016-12-21 13:49 - 000069632 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1034.dll
2018-10-28 04:13 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files\AVAST Software\Avast Cleanup\libcef.dll
2017-06-04 20:49 - 1999-04-17 03:41 - 000275261 ____R () [File not signed] C:\Users\RA\Desktop\EditPad.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:AstInfo [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2017-06-04 12:15 - 000001325 ____N C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\DMIX;C:\Program Files\B1 Free Archiver
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\RA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.109.78.12 - 200.44.32.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C2B5A676-EC07-4213-8C6F-50A874B986A2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{95A1CEFD-53C9-4A2A-B048-E15D99DE205B}] => (Allow) C:\Users\RA\AppData\Local\Programs\Opera\56.0.3051.52\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{ED4C1E0E-176D-4673-8472-A0B04444E5F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FBEA5476-4A93-40C2-8D5A-27A8C8256050}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C970DD5F-F6A8-4B9D-BDF4-FFD23CD4C69C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{81A7D58C-2705-4E1F-8DE7-632F299BCEB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D136E244-3B4C-4750-AD2B-DFDA23812EB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3B60192-DFDC-4D11-A0B7-D17EB55BD5F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C3EFDCC1-9C71-41EF-BE73-B851363636A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0A460D0E-C075-47A3-96B9-2FF07EE614C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{227FF223-BD41-4F25-9B9E-D779EC2713D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9CB201B-D4AE-4687-B5D6-D25BCC2F557C}] => (Allow) C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{466D27F2-AC5A-4CAE-B983-93358017F261}] => (Allow) C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{0EA207DA-25E9-4107-912B-1B55C38680F3}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61F1008E-B9AE-485D-ABEC-4F0AE76DBC4A}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE6450A-0171-4E03-B536-63290AFE868A}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{AD40E2DB-A144-451B-AC1C-5F181BE88132}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{9A29A782-C8F5-481F-BF6A-D3B0F3B9514E}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{54D78C8F-CB0D-4935-B8DF-5C8FC1541009}] => (Allow) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{2539CABF-FF08-40A0-918D-287C9D789173}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

20-04-2019 01:31:57 Punto de control programado
28-04-2019 18:29:10 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (05/04/2019 10:13:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (05/04/2019 10:13:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (05/04/2019 10:05:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (05/04/2019 10:05:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (05/04/2019 10:01:29 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (05/04/2019 10:01:29 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.

Error: (05/04/2019 09:59:27 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 40.

Error: (05/04/2019 09:59:27 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió la siguiente alerta irrecuperable: 70.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 080015 08/03/2010
Motherboard: ECS H55H-CM
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 72%
Total physical RAM: 3063.12 MB
Available physical RAM: 843.36 MB
Total Virtual: 6122.5 MB
Available Virtual: 3927.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:32 GB) NTFS

\\?\Volume{fb096720-19bd-11e7-863f-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================
#5

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
BootExecute: autocheck autochk /r \??\C:autocheck autochk * 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U1 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
2017-06-18 14:04 - 2017-06-18 14:04 - 000000000 _____ () C:\Users\RA\AppData\Local\{54C679D3-E250-4D19-8B05-105A919A621D}
ContextMenuHandlers6: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
ContextMenuHandlers1: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Windows:AstInfo [0]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc

#6

Hola Miguel Luego de casi dos horas d euso de la pc viendo videos y teniendo varas pestañas abiertas `el bluestacks a funcionado bien, No se a apagado ni pegado,. AUnque el consumo de memoria física la veo alta pero puede ser pq chrome consume mucho recursos,

te dejo el resultado del fix Agradecida por que ya tenía miedo que tuviera que formatear disco y no tengo donde realizar respaldo ya que los discos externos no sé pq no me están leyendo.

** Fix result of Farbar Recovery Scan Tool (x86) Version: 04-05-2019 Ran by RA (04-05-2019 13:57:29) Run:1 Running from C:\Users\RA\Desktop Loaded Profiles: RA (Available Profiles: RA) Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
BootExecute: autocheck autochk /r \??\C:autocheck autochk * 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U1 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
2017-06-18 14:04 - 2017-06-18 14:04 - 000000000 _____ () C:\Users\RA\AppData\Local\{54C679D3-E250-4D19-8B05-105A919A621D}
ContextMenuHandlers6: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
ContextMenuHandlers1: [B1ShellEx] -> {76CF52AF-2B2D-4999-8CE8-495187BB11CD} =>  -> No File
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\Windows:AstInfo [0]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
HKU\S-1-5-21-4205097835-220730537-2927603946-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN" => not found
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully.
aswbdisk => service removed successfully.
HKLM\System\CurrentControlSet\Services\iswSvc => removed successfully.
iswSvc => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully.
MBAMSwissArmy => service removed successfully.
C:\Users\RA\AppData\Local\{54C679D3-E250-4D19-8B05-105A919A621D} => moved successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\B1ShellEx => removed successfully.
HKLM\Software\Classes\CLSID\{76CF52AF-2B2D-4999-8CE8-495187BB11CD} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\B1ShellEx => removed successfully.
HKLM\Software\Classes\CLSID\{76CF52AF-2B2D-4999-8CE8-495187BB11CD} => not found
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully.
"BVTFilter" => removed successfully.
"BVTConsumer" => removed successfully.
C:\Windows => ":AstInfo" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4205097835-220730537-2927603946-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4205097835-220730537-2927603946-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30713710 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 228162227 B
Firefox => 37763595 B
Opera => 1006748 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
LocalService => 33058 B
NetworkService => 0 B
RA => 713076 B

RecycleBin => 12847 B
EmptyTemp: => 284.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:57:38 ====
#7

Ok comprobar funcionamiento del PC otras 24 horas y me dices.

También comenta que los discos externos no te los lee?.. no puedes usarlos?

#8

Son las 9 nueve de la noche Una hora después de escribirte el mensaje se congelo la pagina de chrome y el Bluestack. logre mandar a apagar la pc por el botón de inicio pero se quedo en la pantalla de apagando de window y no se apago. Tuve que forzar el apagado con el botón de encendido.

Sobre los discos externos tengo tiempo que no los puedo utilizar. Los coloco en los puerto encienden la luz pero no se ven en la maquina. También los probé en el laptop de mi esposo y una vez si se logró cargar uno de los discos, pero luego dejó de funcionar. No sé si será el cable.

Te leo mañana. Gracias de nuevo

#9

Desinstala Avast , reiniciado el pc, compruebe como va

#10

Buen día. Antes de leer su mensaje desinstalé el avast a las 5:30 de la mañana Son las 10:24 y a funcionado bastante bien. Pero si hay un problema y creo saber cual es. El Bluestack que es un programa que simula ser un teléfono android trae un “aplicación”· que se llama HELPER:EXE que lo utilizan para minar a través de las pc. Yo lo detengo con el zoneAlarm , pero desde hace un poco más de una semana comenzó el problema que me trajo aquí. No quiero desinstalar el bluestacks porque por ahi tengo instalado el whatsapp para hablar con mi hijo que esta en España (Yo estoy en Venezuela y ya debes conocer el problema que tenemos con las comunicaciones). NO tengo movil y tengo instalado dos juegos que me entretienen bastante. No se si exista otro emulador de android que consuma poco recursos ¿como paró la minería a través de mi pc?

#11

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

Task: {F148B608-AE93-4568-9D20-4F4B8688BC41} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el pc

#12

Buen día Miguel.

Acabo de realizas el proceso ahora pruebo la maquina con el Bluestacks a ver que sucede. Le dejo por aquí una captura que realicé anoche de un aviso que me dio el AVG Algo parecido me había salido hace días pero con el helper,exe y por eso fue que me dí cuenta que lo utilizaban para minar porque me fui a la dirección de donde viene.


^^^^ Resultado del Proceso

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-05-2019
Ran by RA (06-05-2019 06:32:31) Run:1
Running from C:\Users\RA\Desktop
Loaded Profiles: RA (Available Profiles: RA)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

Task: {F148B608-AE93-4568-9D20-4F4B8688BC41} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F148B608-AE93-4568-9D20-4F4B8688BC41}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F148B608-AE93-4568-9D20-4F4B8688BC41}" => removed successfully.
C:\Windows\System32\Tasks\BlueStacksHelper => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BlueStacksHelper" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4205097835-220730537-2927603946-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4205097835-220730537-2927603946-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23297858 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 80476 B
Edge => 0 B
Chrome => 445014597 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 0 B
RA => 11863965 B

RecycleBin => 74660173 B
EmptyTemp: => 529.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 06:32:35 ====
#13

Lo que bloquea el Avg son conexiones, de diferentes archivos de el Emulador, a servidores remotos…

Tu tenias Avast instalado…lo has cambiado?

Comentas como va el pc

#14

Cita

Tu tenias Avast instalado…lo has cambiado?

Si Usted me dijo que lo borrara y lo cambien al avg que es el que siempre he utilizado. El Avast lo comencé a utilizar hace como tres semanas

De momento va regular Pude abrir varias paginas a la vez, ver videos. revisar correo, pero al abrir el bluestacks se comienza a congelar si dejo al zonealarm que le de permiso al helper

Desde que comenzó a salir una pestaña muy rápida cada vez que abría el bS el avg comenzó a darme advertencias como la que le coloque. Bloquee la ip que señalaba en la dirección y la busqué en internet es la 205.185.113.25 La otra es 185.244.25.198 Ambas decian que habían sido denunciadas por servir para minería de criptomonedas

Voy a seguir probando al maquina y ya mañana le digo como va Muchas gracias por todo

#15

Bueno, yo indique desinstalar Avast, pero No que instaleses por ahora otro antivirus, pues no se debe instalar nada que no se indique hasta finalizar todo.

Vete a esta ruta

C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe

Pra ello debes mostrar carpetas ocultas >> Ver archivos ocultos en todos los Windows

Renombra ese archivo a BlueStacksHelper.exe .old

Reinicia el pc y comentas como va

#16

Buenas tardes. Ayer hice lo que usted indicó Utilicé de nuevo el Bs el helper no creó carpeta nueva, pero el zonealarm sigue reportándolo El consumo de la memoria física de la maquina es muy, pero muy alta, Puede ser que necesite otra barra de memoria o que ya la pobre esta obsoleta y chrome necesite muchos más recursos de los que posee mi máquina. Ayer se congeló dos veces Hoy lleva 4 congelamientos solo utilizando chrome El administrador de tareas me señala que tienen 3063 de memoria física y solo con chrome me utiliza en este momento que estoy a prueba de fallo 40% de memoria Y en el recuadro verde que señala Memoria 1.00GB Cuando estoy en normal llega a 2.86 GB de los 3 GB que tiene la máquina-

¿Es un caso perdido?

#17

Y si usas Firefox, sucede igual?

#18

Con firefox es peor. También con opera :crying_cat_face:

#19

realiza lo siguiente ,para limpiar espacio en tu disco duro pues está muy al límite ya pues tienes 32 gigas de espacio libre y se están reduciendo considerablemente y eso afecta al funcionamiento del sistema.

A continuación vas a desinstalar los siguientes programas:

  • Avg
  • Zone alarm
  • Suoerantispyware

Reinicias el PC y pruebas cómo es el funcionamiento en estos momentos

#20

Otra cosa que no le había comentado y que recordé ahora No puedo hacer actualizaciones de windows Por más que mando a actualizar siempre da falla