Navegador o algunos programas hace ctrl+z solo

Saludos a todos,

Realicé una búsqueda y no encontré un tema similar. Lo que pasa con mi computador es que algunas veces hace como un ctrl+z y regresa las cosas. Lo raro es que con el navegador lo regresa hasta el inicio del navegador y no me deja darle “hacia adelante” o ctrl+y.

El problema no es solo del navegador, soy profesor y uso el programa Flexsim, acá también me hace crtl+z y tampoco me deja regresar nuevamente las cosas, también me borra cosas que he puesto. Pongo un cuadro y hago muchas cosas más, pero solo me borra el cuadro y no las cosas que hice después. Con Excel también me pasa.

Como rutina de mantenimiento mensualmente corro malwarebytes (versión de prueba), superspyware (versión de prueba) y tengo activo el antivirus ESET (versión pagada legal). El office y el windows son originales, me los da la universidad gratis.

Gracias y estaré atento.

Hola @camus24

Analicemos profundamente ese equipo:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

• Malwarebytes Anti-Malware
• AdwCleaner
• ZHPCleaner
• CCleaner

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

• Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
• Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
• NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

• Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
• Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
• Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
• El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

• Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

• Lo ejecutas siguiendo los pasos de su Manual.
• Realizas un Análisis Personalizado
• Revisa especialmente como salvar el reporte.

4.- Luego de finalizar todo lo anterior y reiniciar vuelve a desactiva temporalmente tu antivirus y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan/Analizar y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio, debes adjuntar ambos

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pegas todos los reportes generados, si no entran en un Post, revisa el Método 4 de la Guía o utilizas mas mensajes.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Saludos, realicé todas las pruebas. Antes de pegar los reportes deseo comentar algo que pasó. Casi nunca reinicio el sistema, siempre lo prendo y lo apago sin ningún problema, al seguir estos pasos, después de que al adwcleaner me pidiera reiniciar y darle que si, el sistema estaba prendiendo y salió la pantalla azul de error. Pensé que era por el mismo programa, pero en el paso 4 de las instrucciones, que también pide reiniciar volvió a pasar lo mismo, el mensaje azul de error, no alcancé a anotar el código del error que sale.

Reporte Adwcleaner

# -------------------------------

# Malwarebytes AdwCleaner 8.0.6.0

# -------------------------------

# Build: 06-24-2020

# Database: 2020-06-15.1 (Cloud)

# Support: https://www.malwarebytes.com/support

#

# -------------------------------

# Mode: Scan

# -------------------------------

# Start: 07-14-2020

# Duration: 00:00:23

# OS: Windows 10 Home Single Language

# Scanned: 31836

# Detected: 7

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE

Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F88C153-C11E-404B-8135-24639199A4F4}

Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher

Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}

Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}

Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER

Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID

AdwCleaner[S00].txt - [1343 octets] - [15/07/2018 13:05:59]

AdwCleaner[C00].txt - [1509 octets] - [15/07/2018 13:06:47]

AdwCleaner[S01].txt - [1380 octets] - [15/07/2018 13:35:00]

AdwCleaner[S02].txt - [1864 octets] - [27/03/2019 09:47:14]

AdwCleaner[C02].txt - [2033 octets] - [27/03/2019 09:49:07]

AdwCleaner_Debug.log - [21711 octets] - [24/11/2019 08:03:45]

AdwCleaner[S03].txt - [3889 octets] - [24/11/2019 08:04:51]

AdwCleaner[C03].txt - [2699 octets] - [24/11/2019 08:06:42]

AdwCleaner[S04].txt - [3355 octets] - [03/04/2020 13:10:15]

AdwCleaner[C04].txt - [2794 octets] - [03/04/2020 13:48:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########

Reporte ZHPCleaner

~ ZHPCleaner v2020.7.13.212 by Nicolas Coolman (2020/07/13)

~ Run by Henry Percy (Administrator) (14/07/2020 09:16:48)

~ Web: https://www.nicolascoolman.com

~ Blog: https://nicolascoolman.eu/

~ Facebook : https://www.facebook.com/nicolascoolman1

~ State version : Version OK

~ Type : Scanner

~ Report : C:\Users\Henry Percy\Desktop\ZHPCleaner (S).txt

~ Quarantine : C:\Users\Henry Percy\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt

~ System Restore Point :

~ UAC : Activate

~ Boot Mode : Normal (Normal boot)

Windows 10 Home Single Language, 64-bit (Build 18362)

---\\ Alternate Data Stream (ADS). (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Servicios (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Navegadores de Internet (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Hosts carpeta (1)

~ El archivo hosts es legítimo (119)

---\\ Tareas automáticas programadas. (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Explorador ( Archivos, Carpetas ) (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Registro ( Claves, Valores, Datos) (0)

~ No malintencionados o innecesarios artículos encontrados.

---\\ Resultado de la reparación.

~ ninguna reparación hecha

~ Google Chrome OK

~ Mozilla Firefox OK

~ Internet Explorer OK

~ Opera OK

---\\ STATISTIQUES

~ Items escaneado : 118541

~ Items encontrado : 0

~ artículos cancelados : 0

~ Ahorro de espacio (bytes) : 0

~ Items opciones : 8/15

---\\ OPCIONES NO ACTIVAS

~ Análisis temporal de archivos

~ Análisis temporal de carpetas

~ Análisis de CLSID de carpetas vacías

~ Vaciar otro análisis de carpetas

~ Análisis de carpetas locales vacías

~ Análisis de carpetas locales vacías

~ Análisis de archivos de instalación obsoleto

~ End of search in 00h11mn53s

---\\ Reporte (0)

ZHPCleaner-[S]-14072020-09_28_41.txt

Reporte Malwarebytes

Malwarebytes

www.malwarebytes.com

-Detalles del registro-

Fecha del análisis: 14/7/20

Hora del análisis: 9:34

Archivo de registro: 258988b4-c5df-11ea-9db1-ac220baf99a4.json

-Información del software-

Versión: 4.1.0.56

Versión de los componentes: 1.0.859

Versión del paquete de actualización: 1.0.26817

Licencia: Gratis

-Información del sistema-

SO: Windows 10 (Build 18362.900)

CPU: x64

Sistema de archivos: NTFS

Usuario: HENRYPERCY\Henry Percy

-Resumen del análisis-

Tipo de análisis: Análisis personalizado

Análisis iniciado por:: Manual

Resultado: Completado

Objetos analizados: 1022287

Amenazas detectadas: 6

Amenazas en cuarentena: 0

Tiempo transcurrido: 1 hr, 7 min, 27 seg

-Opciones de análisis-

Memoria: Activado

Inicio: Activado

Sistema de archivos: Activado

Archivo: Activado

Rootkits: Desactivado

Heurística: Activado

PUP: Detectar

PUM: Detectar

-Detalles del análisis-

Proceso: 0

(No hay elementos maliciosos detectados)

Módulo: 0

(No hay elementos maliciosos detectados)

Clave del registro: 0

(No hay elementos maliciosos detectados)

Valor del registro: 0

(No hay elementos maliciosos detectados)

Datos del registro: 0

(No hay elementos maliciosos detectados)

Secuencia de datos: 0

(No hay elementos maliciosos detectados)

Carpeta: 0

(No hay elementos maliciosos detectados)

Archivo: 6

MachineLearning/Anomalous.100%, C:\PROGRAM FILES (X86)\TIPARD STUDIO\TIPARD IPHONE TRANSFER ULTIMATE\PATCH.EXE, Sin acciones por parte del usuario, 0, 392687, 1.0.26817, , shuriken,

Generic.Malware/Suspicious, E:\DOWNLOADS CUALQUIERAS\WHOS.ON.MY.WIFI.2.1.7\WHOS.ON.MY.WIFI.KEYGEN.REPT\WHOS.ON.MY.WIFI.KEYGEN.2013.REPT.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.26817, , shuriken,

Generic.Malware/Suspicious, E:\DOWNLOADS CUALQUIERAS\WHOS.ON.MY.WIFI.2.1.7\WHOS.ON.MY.WIFI.KEYGEN.REPT.RAR, Sin acciones por parte del usuario, 0, 392686, 1.0.26817, , shuriken,

Malware.Generic.923849912, E:\VR\BASE 9.5\MYDISKFIX FORMAT UTILITY\MYDISKFIX.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.26817, EB42739E102DDFDB3710D4B8, dds, 00807087

MachineLearning/Anomalous.100%, E:\VR\BASE 9.5\TIPARD.IPHONE.TRANSFER.ULTIMATE.8.2.30\TIPARD.IPHONE.TRANSFER.ULTIMATE.8.2.30\UMP1.2.RAR, Sin acciones por parte del usuario, 0, 392687, 1.0.26817, , shuriken,

Malware.Generic.923849912, E:\VR\BASE 9.5\MYDISKFIX FORMAT UTILITY.RAR, Sin acciones por parte del usuario, 1000000, 0, 1.0.26817, EB42739E102DDFDB3710D4B8, dds, 00807087

Sector físico: 0

(No hay elementos maliciosos detectados)

WMI: 0

(No hay elementos maliciosos detectados)

(end)

Reporte FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-07-2020 01

Ejecutado por Henry Percy (administrador) sobre HENRYPERCY (ASUSTeK COMPUTER INC. N550JV) (14-07-2020 11:02:52)

Ejecutado desde C:\Users\Henry Percy\Desktop

Perfiles cargados: Henry Percy

Platform: Windows 10 Home Single Language Versión 1903 18362.900 (X64) Idioma: Español (España, internacional)

Navegador predeterminado: FF

Modo de Inicio: Normal

Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe

(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe

(Atheros) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe

(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe

(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe

(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe

(Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe

(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(StagWare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe

(StagWare) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\NoteBook FanControl\NoteBookFanControl.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-07-10] (ESET, spol. s r.o. -> ESET)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)

HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-06-04] (ASUSTeK Computer Inc. -> ASUS)

HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-09-26] (Intel(R) Driver & Support Assistant -> Intel)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48594832 2020-06-15] (Google LLC -> )

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [PTOneClick] => C:\Users\Henry Percy\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184120 2020-03-28] (Cisco WebEx LLC -> Cisco Webex LLC)

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [NBFC-ClientApplication] => C:\Program Files (x86)\NoteBook FanControl\NoteBookFanControl.exe [427008 2019-04-14] (StagWare) [Archivo no firmado] [El archivo está en uso]

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [Opera Browser Assistant] => C:\Users\Henry Percy\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3105304 2020-07-07] (Opera Software AS -> Opera Software)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{4B95ACA9-75CD-4442-AFC2-7D508B03711B}] -> Msiexec.exe /fu {4B95ACA9-75CD-4442-AFC2-7D508B03711B} /qn

HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Archivo no firmado]

HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Archivo no firmado]

GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {006BE61E-A9C6-4750-923F-304908EDC6A9} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407736 2015-11-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)

Task: {04553AB6-D8B1-4C47-BD35-15798EBC32D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN

Task: {0600FDE5-90FC-44D2-B90C-6BE49AFB7E2B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

Task: {0CBA421A-DBA6-4973-B0F5-555C88321DB4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {0DBB37E3-54F9-4E14-BD25-6C9D7196C06F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1850776 2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

Task: {147EF152-C592-431F-9DF4-EE588894047D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {153C2201-AE79-4492-9493-D9ED5B89F0BE} - System32\Tasks\{8CF2B0BF-D9B1-4D95-A5A9-EA00C548822D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.21.0.100&LastError=404

Task: {17CE098D-85D7-4990-BA10-6815B140CF07} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {1A2C33CF-452B-4AE9-90DF-302DB1CEAE2D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {1C828256-374B-4BFE-8F74-1AE1A13E3347} - System32\Tasks\AdwCleaner_onReboot => E:\DOWNLOADS CUALQUIERAS\forospyware julio 2020\adwcleaner_8.0.6.exe [8420016 2020-07-14] (Malwarebytes Inc -> Malwarebytes)

Task: {26670623-61ED-445B-8D1B-84EC7F6119D7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2A12821C-42A8-4989-95DF-F854521197BD} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2278168 2013-07-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {2C05F02E-1752-4639-AFA8-A188A788CDFD} - System32\Tasks\Opera scheduled assistant Autoupdate 1584381389 => C:\Users\Henry Percy\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-18] (Opera Software AS -> Opera Software)

Task: {328092B3-101B-4560-950A-BE68199E7983} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1036088 2013-06-19] (ASUSTeK Computer Inc. -> ASUS)

Task: {329D0294-59F4-4F95-88DB-EA5FEA7547F2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {3695FA15-3CCF-415D-BC5B-F7484F0096D3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN

Task: {3F8C98C8-033E-4F97-9BF7-13BCDEE26985} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)

Task: {4BCF9256-D5C8-4AC8-9FC2-A0F1112A5241} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)

Task: {52D9F939-2C31-4AFC-9BB4-9BD0ED33FFA4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

Task: {5CB60D51-793B-4074-8B49-2AEC9A9DED61} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe

Task: {5E35571A-C523-4038-9031-B42934385480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

Task: {6225C13A-6DF4-4DD4-A987-5F8AB33FCB09} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN

Task: {6499AD08-5B5A-4113-9991-6F8EF60FD761} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-12-17] () [Archivo no firmado]

Task: {6C290EEE-9E96-4884-BD33-6000DB7806DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Task: {78C840A3-1B9C-4B01-BD8C-F94512DB4BD7} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

Task: {7AB89C6B-6041-4392-BCEB-27B396A2AD64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN

Task: {7CB0F760-1523-4CF1-B07A-5C21F57CE3D7} - System32\Tasks\GoogleUpdateTaskMachineUA1cfeb5cc3f0626e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

Task: {7D0E0FF6-13B6-4342-A2FD-510351F53098} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {7E825CF5-E187-4890-93C7-C20171109A8B} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {817293CC-0C6A-4BEC-8904-64482094D3B6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {82B5EFB0-8161-4A66-80BA-0DC852DB64AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6063024 2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}

Task: {874139B0-C616-4856-8849-E95D2FAE4368} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-13] (Adobe Inc. -> Adobe)

Task: {896A013D-65B8-4789-88DF-363D017F7ECD} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)

Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}

Task: {93B11ABD-D1E4-40D4-9E92-51C31D4DD72E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170848 2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {990170E9-66E6-4320-8C47-978DDAFA72E6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [5146192 2013-06-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {9DE4FF05-E597-4856-8CDB-E59339C74A56} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-09] (Mozilla Corporation -> Mozilla Foundation)

Task: {A30A467F-A17F-4185-829F-1AB8CF2F08FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)

Task: {A33E6DB6-BB3E-4EAF-BDEB-C2377078DD5B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)

Task: {A8A958E6-C8CE-4C3A-A0BC-D262CFA2C01A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-13] (Adobe Inc. -> Adobe)

Task: {A90A963E-8A19-486C-8954-A94C720F0E7A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170848 2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Task: {AA9F500F-6015-420E-88CC-89AD33C2B6FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)

Task: {AEFE5A30-B41C-44EC-A554-1000E035D052} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe

Task: {B6D50BBA-AA32-44AD-ADAA-C61912128B6F} - System32\Tasks\{952A8D83-D67D-4085-9807-B1323EC94F15} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.39.0.102&LastError=12029

Task: {B70AB5AB-6B94-40A8-AD7A-6E6765087DEB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {C5AF0CCF-BFAE-427B-AC4D-63C9C1B3CE38} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN

Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}

Task: {CA894ABF-18C7-4A2E-A03F-2330B177F703} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)

Task: {CA8DCD13-2934-4991-8B44-E7FFCF37FE5A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CBEB2CB5-99D3-4254-943C-9671EE9BCC71} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN

Task: {CC03F4F3-95DE-49EA-83D1-F84D236E6FA4} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407736 2015-11-16] (Realtek Semiconductor Corp -> Realtek Semiconductor)

Task: {CC2B2115-67E1-490D-89E1-EDC85005FB3A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}

Task: {D5783697-6601-4A61-8419-9D033440C78B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {D5A56737-ED96-4281-A94F-6E5530367E55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN

Task: {DA26F807-D62A-48B0-814E-E3DA1B0AEE4D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN

Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}

Task: {DDF01A16-DA13-4AEC-BE6C-87D9AE458D02} - System32\Tasks\Opera scheduled Autoupdate 1584381384 => C:\Users\Henry Percy\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-18] (Opera Software AS -> Opera Software)

Task: {E7F3C426-6649-4EA3-B5CA-376978C6691D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN

Task: {E91D202D-70DF-4D70-96E7-7A58000D8692} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN

Task: {E93AF17C-AEF4-4709-A24E-66DE486E06FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN

Task: {EC1A27D0-94D2-48DC-872A-A4EEAD5A09CA} - System32\Tasks\Pantalla => "C:\Users\Henry Percy\pantalla.cmd"

Task: {EC61C5BB-AAAB-4A6C-A782-F477A4584B29} - System32\Tasks\{204DF228-A169-4DCF-B533-3AD3FE059620} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/es/abandoninstall?page=tsPlugin

Task: {F125CCC4-5443-4256-AD5F-73852CE60AFC} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {F204B1E9-693B-4BCA-8EBA-0D6515291EA5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6063024 2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt

Tcpip\Parameters: [DhcpNameServer] 181.70.124.110 200.13.249.101

Tcpip\..\Interfaces\{657d5e98-4628-46fb-b686-9a7d2c997257}: [DhcpNameServer] 181.70.124.110 200.13.249.101

Tcpip\..\Interfaces\{83255062-b1de-4745-bc4f-d5d79a1f9638}: [DhcpNameServer] 181.70.124.110 200.13.249.101

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/

SearchScopes: HKU\S-1-5-21-970227938-1326680726-1648082153-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Archivo no firmado]

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-10] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-10] (Oracle America, Inc. -> Oracle Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-10] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

========

FF DefaultProfile: jcfnbium.default-1511215343475

FF ProfilePath: C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475 [2020-07-14]

FF Extension: (Facebook Container) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\@contain-facebook.xpi [2020-04-14]

FF Extension: (Dark Background and Light Text) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\[email protected] [2019-11-25]

FF Extension: (uBlock Origin) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\[email protected] [2020-07-14]

FF Extension: (uMatrix) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\[email protected] [2019-09-06]

FF Extension: (Mendeley Web Importer) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\[email protected] [2020-06-30]

FF Extension: (YouTube NonStop) - C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Profiles\jcfnbium.default-1511215343475\Extensions\{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}.xpi [2020-05-29]

FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-03-29] [Heredado] [no firmado]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => no encontrado

FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => no encontrado

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-13] (Adobe Inc. -> )

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-13] (Adobe Inc. -> )

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-15] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-15] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-970227938-1326680726-1648082153-1002: @radvision.com/ConfClient -> C:\Users\Henry Percy\AppData\Local\Radvision\Installer\1.5.5.3\npclientinstmgr.dll [2019-02-27] (Avaya Inc. -> Avaya, Inc.)

FF Plugin HKU\S-1-5-21-970227938-1326680726-1648082153-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Henry Percy\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-07-14]

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-07-14]

Chrome:

=======

CHR DefaultProfile: Profile 2

CHR Profile: C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default [2020-07-14]

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Extension: (Google Docs) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]

CHR Extension: (Google Drive) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]

CHR Extension: (YouTube) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]

CHR Extension: (Google Search) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]

CHR Extension: (Chrome Remote Desktop) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-05-16]

CHR Extension: (Bookmark Manager) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-09]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]

CHR Extension: (Google Wallet) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]

CHR Extension: (Gmail) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]

CHR Profile: C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-07-14]

CHR Extension: (Presentaciones) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]

CHR Extension: (Documentos) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]

CHR Extension: (YouTube) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]

CHR Extension: (uBlock Origin) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-05-30]

CHR Extension: (Búsqueda de Google) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]

CHR Extension: (Archive Downloader) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\elhoagejfapekjaefenmngphliikoace [2020-01-12]

CHR Extension: (Hojas de cálculo) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]

CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-27]

CHR Extension: (PDF Mergy - Merge PDF files) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2017-10-11]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-03-25]

CHR Extension: (Morpheon Dark) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-09-13]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]

CHR Extension: (Gmail) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]

CHR Extension: (Chrome Media Router) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]

CHR Extension: (Privacy Badger) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-07-01]

CHR Profile: C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile [2020-07-14]

CHR Extension: (Google Slides) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-16]

CHR Extension: (Google Docs) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16]

CHR Extension: (Google Drive) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-16]

CHR Extension: (YouTube) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-16]

CHR Extension: (Google Search) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-16]

CHR Extension: (Google Sheets) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-16]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-16]

CHR Extension: (Google Wallet) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-16]

CHR Extension: (Gmail) - C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16]

CHR HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:

=======

OPR DownloadDir: E:\DOWNLOADS CUALQUIERAS

OPR Extension: (uMatrix) - C:\Users\Henry Percy\AppData\Roaming\Opera Software\Opera Stable\Extensions\clblbeknmgobkgonndomehcjpckopfeh [2020-06-10]

OPR Extension: (Dark Mode) - C:\Users\Henry Percy\AppData\Roaming\Opera Software\Opera Stable\Extensions\jabpfojepndedlelamfloejfoopkogcf [2020-06-09]

OPR Extension: (uBlock Origin) - C:\Users\Henry Percy\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-06-10]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-04-10] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-13] (Adobe Inc. -> Adobe)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc. -> Apple Inc.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUSTeK Computer Inc. -> ASUS)

S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe [73200 2020-06-08] (Google LLC -> Google Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)

R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-09-26] (Intel(R) Driver & Support Assistant -> Intel)

S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371248 2020-07-10] (ESET, spol. s r.o. -> ESET)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel(R) pGFX -> Intel Corporation)

R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Archivo no firmado]

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-15] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-28] (Malwarebytes Inc -> Malwarebytes)

R2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare) [Archivo no firmado] [El archivo está en uso]

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767472 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)

S4 NvTelemetryContainer; C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [782136 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)

S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2124296 2017-04-14] (Electronic Arts, Inc. -> Electronic Arts)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)

R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [82200 2019-09-25] (Intel Corporation -> Intel(R) Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-28] (Atheros) [Archivo no firmado]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [17280 2012-04-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Archivo no firmado]

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [Archivo no firmado]

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [159528 2020-07-10] (ESET, spol. s r.o. -> ESET)

R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106640 2020-07-10] (ESET, spol. s r.o. -> ESET)

S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)

R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195456 2020-07-10] (ESET, spol. s r.o. -> ESET)

R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53064 2020-07-10] (ESET, spol. s r.o. -> ESET)

R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79536 2020-07-10] (ESET, spol. s r.o. -> ESET)

R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116488 2020-07-10] (ESET, spol. s r.o. -> ESET)

R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)

R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] (ASUSTeK Computer Inc. -> )

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-20] (Malwarebytes Inc -> Malwarebytes)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a3d5bcc37ff12fed\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)

R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_a3d5bcc37ff12fed\nvpciflt.sys [57216 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)

R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [18232 2013-06-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project) [Archivo no firmado]

R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2020-06-02] (Noriyuki MIYAZAKI -> OpenLibSys.org)

R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [48632 2019-09-25] (Intel Corporation -> Intel Corporation)

R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-04-14] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-07-14 11:02 - 2020-07-14 11:03 - 000046681 _____ C:\Users\Henry Percy\Desktop\FRST.txt

2020-07-14 11:02 - 2020-07-14 10:59 - 002292736 _____ (Farbar) C:\Users\Henry Percy\Desktop\FRST64.exe

2020-07-14 10:55 - 2020-07-14 10:56 - 000588244 _____ C:\WINDOWS\Minidump\071420-10390-01.dmp

2020-07-14 09:28 - 2020-07-14 09:28 - 000008309 _____ C:\Users\Henry Percy\Desktop\ZHPCleaner (S).html

2020-07-14 09:28 - 2020-07-14 09:28 - 000001984 _____ C:\Users\Henry Percy\Desktop\ZHPCleaner (S).txt

2020-07-14 09:16 - 2020-07-14 09:28 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\ZHP

2020-07-14 09:16 - 2020-07-14 09:16 - 000000883 _____ C:\Users\Henry Percy\Desktop\ZHPCleaner.lnk

2020-07-14 09:12 - 2020-07-14 10:55 - 404725631 _____ C:\WINDOWS\MEMORY.DMP

2020-07-14 09:12 - 2020-07-14 09:12 - 000593628 _____ C:\WINDOWS\Minidump\071420-9515-01.dmp

2020-07-14 09:09 - 2020-07-14 09:09 - 000003222 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot

2020-07-09 18:35 - 2020-07-09 18:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

2020-07-09 17:35 - 2020-07-09 17:35 - 000001230 _____ C:\Users\Public\Desktop\FlexSim 2020 Update 1.lnk

2020-07-09 17:35 - 2020-07-09 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlexSim

2020-07-09 10:12 - 2020-07-09 10:12 - 000000000 ____D C:\Program Files\Mozilla Firefox

2020-07-06 18:52 - 2020-07-06 18:52 - 000000000 ____D C:\Users\Henry Percy\Documents\IPEVO_Annotator

2020-07-06 18:52 - 2020-07-06 18:52 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\IPEVO

2020-07-06 18:52 - 2020-07-06 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPEVO

2020-07-06 18:52 - 2020-07-06 18:52 - 000000000 ____D C:\Program Files (x86)\IPEVO

2020-07-01 16:27 - 2020-07-13 09:49 - 000000128 _____ C:\Users\Henry Percy\AppData\Roaming\winscp.rnd

2020-07-01 16:27 - 2020-07-01 16:27 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk

2020-07-01 16:27 - 2020-07-01 16:27 - 000001130 _____ C:\Users\Public\Desktop\WinSCP.lnk

2020-07-01 16:27 - 2020-07-01 16:27 - 000000000 ____D C:\Program Files (x86)\WinSCP

2020-07-01 16:25 - 2020-07-01 16:25 - 000000128 _____ C:\Users\Henry Percy\AppData\Local\PUTTY.RND

2020-07-01 11:32 - 2020-07-01 11:58 - 000000000 ____D C:\Program Files (x86)\Kernel Outlook PST Viewer

2020-07-01 11:32 - 2020-07-01 11:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel Outlook PST Viewer

2020-07-01 11:32 - 2004-03-09 00:00 - 000212240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX

2020-07-01 11:29 - 2020-07-01 11:31 - 000000000 ____D C:\Program Files (x86)\SysTools MailPro+

2020-07-01 11:29 - 2020-07-01 11:29 - 000000000 ____D C:\ProgramData\CDTPL

2020-07-01 10:48 - 2020-07-01 12:51 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\AnyDesk

2020-07-01 04:24 - 2020-07-01 04:24 - 035988764 _____ C:\WINDOWS\SysWOW64\debug.txt

2020-06-30 21:46 - 2020-06-30 21:46 - 000000000 ____D C:\Users\Henry Percy\AppData\Local\Raspberry Pi

2020-06-30 21:45 - 2020-06-30 21:45 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi

2020-06-30 21:45 - 2020-06-30 21:45 - 000000000 ____D C:\Program Files (x86)\Raspberry Pi Imager

2020-06-23 17:52 - 2020-06-23 17:52 - 000000000 ____D C:\WINDOWS\LastGood.Tmp

2020-06-22 17:01 - 2020-06-22 17:02 - 000000000 ____D C:\Users\Henry Percy\AppData\Local\Alt.Binz

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-07-14 11:03 - 2019-11-24 08:35 - 000000000 ____D C:\FRST

2020-07-14 11:01 - 2020-03-17 06:29 - 000000000 ____D C:\Users\Henry Percy\Downloads\opera autoupdate

2020-07-14 11:00 - 2019-08-03 14:01 - 002384384 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2020-07-14 11:00 - 2019-08-03 12:29 - 000478180 _____ C:\WINDOWS\system32\perfh011.dat

2020-07-14 11:00 - 2019-08-03 12:29 - 000132960 _____ C:\WINDOWS\system32\perfc011.dat

2020-07-14 11:00 - 2019-03-19 06:59 - 000789814 _____ C:\WINDOWS\system32\perfh00A.dat

2020-07-14 11:00 - 2019-03-19 06:59 - 000156068 _____ C:\WINDOWS\system32\perfc00A.dat

2020-07-14 11:00 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF

2020-07-14 11:00 - 2016-11-15 21:56 - 000000000 ____D C:\Users\Henry Percy\AppData\LocalLow\Mozilla

2020-07-14 10:58 - 2017-04-12 20:12 - 000000000 ____D C:\ProgramData\NVIDIA

2020-07-14 10:56 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2020-07-14 10:56 - 2018-10-08 09:20 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2020-07-14 10:56 - 2014-05-23 10:08 - 000000000 __SHD C:\Users\Henry Percy\IntelGraphicsProfiles

2020-07-14 10:55 - 2020-01-12 09:51 - 000000000 ____D C:\WINDOWS\Minidump

2020-07-14 10:55 - 2019-08-03 14:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2020-07-14 10:55 - 2019-08-03 13:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2020-07-14 10:54 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2020-07-14 09:30 - 2020-04-10 14:49 - 000214496 ____N (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2020-07-14 09:09 - 2015-12-13 21:56 - 000000000 ____D C:\Program Files (x86)\ASUS

2020-07-14 09:00 - 2019-06-23 23:26 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\MPC-HC

2020-07-14 09:00 - 2014-06-23 18:28 - 000000000 ____D C:\Program Files (x86)\Steam

2020-07-14 08:37 - 2017-04-11 23:50 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture

2020-07-13 20:04 - 2020-03-21 19:38 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\obs-studio

2020-07-13 19:43 - 2019-10-04 02:22 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData

2020-07-13 14:20 - 2019-08-03 14:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0A8213DB-ECEA-42D3-A753-E2C6EDADE0EA}

2020-07-13 08:23 - 2020-06-02 21:24 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\NoteBookFanControl

2020-07-13 08:22 - 2020-06-02 21:24 - 000000000 ____D C:\ProgramData\NbfcService

2020-07-12 19:07 - 2019-08-03 13:50 - 000587368 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2020-07-12 18:18 - 2017-12-10 07:13 - 000000000 ____D C:\Users\Henry Percy\AppData\Local\Packages

2020-07-10 15:53 - 2018-05-18 07:22 - 000195456 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys

2020-07-10 15:53 - 2018-05-18 07:22 - 000159528 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys

2020-07-10 15:53 - 2018-05-18 07:22 - 000116488 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys

2020-07-10 15:53 - 2018-05-18 07:22 - 000106640 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys

2020-07-10 15:53 - 2018-05-18 07:22 - 000079536 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys

2020-07-10 15:53 - 2018-05-18 07:22 - 000053064 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys

2020-07-10 12:16 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2020-07-10 12:14 - 2014-06-23 19:07 - 000000000 ____D C:\Program Files\Microsoft Office

2020-07-09 23:38 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps

2020-07-09 23:38 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness

2020-07-09 18:35 - 2014-06-23 17:11 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2020-07-09 17:36 - 2015-01-10 13:18 - 000000000 ____D C:\ProgramData\Package Cache

2020-07-09 17:35 - 2020-04-29 07:22 - 000000000 ____D C:\Users\Henry Percy\Documents\FlexSim 2020 Projects

2020-07-09 17:35 - 2020-04-29 07:22 - 000000000 ____D C:\Program Files\FlexSim 2020 Update 1

2020-07-08 17:10 - 2019-08-03 14:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

2020-07-08 17:09 - 2015-11-09 21:07 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2020-07-08 09:26 - 2020-03-16 12:56 - 000004490 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1584381389

2020-07-04 13:27 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\NDF

2020-07-04 10:50 - 2020-05-21 09:38 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2020-07-02 07:00 - 2014-06-23 17:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2020-06-30 21:46 - 2020-03-28 18:56 - 000000000 ____D C:\Users\Henry Percy\AppData\Local\cache

2020-06-29 21:05 - 2019-06-13 13:35 - 000002075 _____ C:\Users\Public\Desktop\Google Slides.lnk

2020-06-29 21:05 - 2019-06-13 13:35 - 000002073 _____ C:\Users\Public\Desktop\Google Sheets.lnk

2020-06-29 21:05 - 2019-06-13 13:35 - 000002063 _____ C:\Users\Public\Desktop\Google Docs.lnk

2020-06-29 21:05 - 2019-06-13 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

2020-06-24 16:04 - 2015-08-07 07:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2020-06-23 12:20 - 2015-10-31 18:48 - 000000000 ____D C:\Users\Henry Percy\AppData\Roaming\MusicBee

2020-06-22 09:45 - 2020-03-16 12:56 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1584381384

2020-06-22 09:45 - 2020-03-16 12:56 - 000001489 _____ C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk

==================== Archivos en la raíz de algunos directorios ========

2014-07-01 16:02 - 2014-07-01 16:23 - 000000179 _____ () C:\Users\Henry Percy\pantalla.cmd

2020-07-01 16:27 - 2020-07-13 09:49 - 000000128 _____ () C:\Users\Henry Percy\AppData\Roaming\winscp.rnd

2018-02-05 14:29 - 2018-02-06 16:30 - 000000027 _____ () C:\Users\Henry Percy\AppData\Local\.sdpl-system-config4

2018-09-29 09:03 - 2018-09-29 09:03 - 000000000 _____ () C:\Users\Henry Percy\AppData\Local\oobelibMkey.log

2020-07-01 16:25 - 2020-07-01 16:25 - 000000128 _____ () C:\Users\Henry Percy\AppData\Local\PUTTY.RND

2014-10-14 15:42 - 2018-08-28 19:10 - 000007612 _____ () C:\Users\Henry Percy\AppData\Local\Resmon.ResmonCfg

2020-03-28 11:04 - 2020-03-28 11:06 - 000000075 _____ () C:\Users\Henry Percy\AppData\Local\update_progress.txt

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Reporte primera parte FRST Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01

Ejecutado por Henry Percy (14-07-2020 11:03:56)

Ejecutado desde C:\Users\Henry Percy\Desktop

Windows 10 Home Single Language Versión 1903 18362.900 (X64) (2019-08-03 19:02:35)

Modo de Inicio: Normal

==========================================================

==================== Cuentas: =============================

Administrador (S-1-5-21-970227938-1326680726-1648082153-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-970227938-1326680726-1648082153-503 - Limited - Disabled)

Henry Percy (S-1-5-21-970227938-1326680726-1648082153-1002 - Administrator - Enabled) => C:\Users\Henry Percy

Invitado (S-1-5-21-970227938-1326680726-1648082153-501 - Limited - Disabled)

mzaqlcyrus (S-1-5-21-970227938-1326680726-1648082153-1007 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-970227938-1326680726-1648082153-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}

AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

. . (HKLM\...\{5F4E8D94-3947-4019-9239-D2541C9A35F2}) (Version: 7.1 - Intel) Hidden

. . . (HKLM-x32\...\{7A5E4942-A527-42E6-A5FC-95109B756CA8}) (Version: 3.5.1.7 - Intel) Hidden

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Actualización de NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)

Amazon Kindle (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)

Anaconda3 2019.03 (Python 3.7.3 64-bit) (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Anaconda3 2019.03 (Python 3.7.3 64-bit)) (Version: 2019.03 - Anaconda, Inc.)

Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)

Annotator 4.6.6.133 (HKLM-x32\...\{4B95ACA9-75CD-4442-AFC2-7D508B03711B}) (Version: 4.6.6.133 - IPEVO)

Aplicaciones de Microsoft 365 para empresas - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.13001.20266 - Microsoft Corporation)

Apple Application Support (32 bits) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)

Apple Application Support (64 bits) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)

Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)

Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)

Assimil French 1.0.0 (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\4e34c416-868f-5030-a800-0d12031f5ea8) (Version: 1.0.0 - Mantano)

ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.2 - ASUS)

ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.2 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.3 - ASUS)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS)

Avaya Scopia® Desktop Client (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\{D4B018FD-B6EF-42E0-BE6D-31E1C60189E4}) (Version: - Avaya, Inc.)

Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)

Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)

Blackboard Collaborate Launcher (HKLM-x32\...\{51D4C008-F059-4447-BEC7-2DFECD932E35}) (Version: 1.6.5.0 - Blackboard)

calibre (HKLM-x32\...\{02EBD037-F206-488D-B717-B28C5A08D768}) (Version: 3.11.1 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)

Chrome Remote Desktop Host (HKLM-x32\...\{FEA4124F-FABE-440B-BA03-489722A59439}) (Version: 84.0.4147.39 - Google Inc.)

Cisco Webex Meetings (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\ActiveTouchMeetingClient) (Version: 40.2.8 - Cisco Webex LLC)

Citra (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\{5a6a8457-d33d-437a-8c91-207b7e2d9bc3}) (Version: 1.0.0 - Citra Team)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)

DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden

ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.2.15.0 - ESET, spol. s r.o.)

FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )

Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.6 - Androxyde)

FlexSim 2020 Update 1 (HKLM\...\{FBC6F10A-5793-42F3-B241-8D4DF43461D1}) (Version: 20.1.3 - FlexSim Software Products Inc.) Hidden

FlexSim 2020 Update 1 (HKLM-x32\...\{4e431c61-9e39-434b-9847-eb271235761a}) (Version: 20.1.3 - FlexSim Software Products, Inc.)

FlexSim Version Selector (HKLM\...\{58AF9B62-7740-4FA5-8142-F64550A349B1}) (Version: 20.1.1 - FlexSim Software Products, Inc.)

FlexSim Version Selector (HKLM\...\{A0B03758-E59C-464F-98DA-0CCE2C64E07E}) (Version: 19.2.3 - FlexSim Software Products, Inc.)

Galeria de Fotografias (HKLM-x32\...\{23079EF2-2617-4BFC-BDFF-E6AE8D79B734}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

GAMS win64 25.1.2 (HKLM\...\GAMS win64 25.1_is1) (Version: GAMS 25.1.2 - GAMS Development)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

GSmartControl (HKLM-x32\...\GSmartControl) (Version: 1.1.3 - Alexander Shaduri)

IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)

Icecream PDF Editor versión 1.34 (HKLM-x32\...\{D5146040-599A-4772-8458-F5AEAB87B394}_is1) (Version: 1.34 - Icecream Apps)

Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{33c2aa5e-03d0-46ea-bc0b-a3311366796b}) (Version: 4.1.1.33 - )

Intel(R) Computing Improvement Program (HKLM\...\{2C895850-899F-4E06-ADB6-28A654FFCF9D}) (Version: 2.2.04036 - Intel Corporation)

Intel(R) Extreme Tuning Utility (HKLM-x32\...\{6FB77AA0-DC58-44C6-A0DD-2FC5272EA531}) (Version: 6.5.1.360 - Intel Corporation) Hidden

Intel(R) Extreme Tuning Utility (HKLM-x32\...\{b5dc28d7-72cb-4bb1-a9a7-3ae096f0980f}) (Version: 6.5.1.360 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)

Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)

Intel® Driver & Support Assistant (HKLM-x32\...\{ef2ad7ab-dd41-48ed-ae53-f7fe3cd903d8}) (Version: 3.5.1.7 - Intel)

JabRef 3.8.2 (HKLM\...\0034-7691-1464-4754) (Version: 3.8.2 - JabRef Community)

Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)

Kernel Outlook PST Viewer ver 20.3 (HKLM-x32\...\Kernel Outlook PST Viewer_is1) (Version: - KernelApps Pvt.Ltd.)

K-Lite Codec Pack 15.4.1 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.1 - KLCP)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )

Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)

Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.5230.111 - Waves Audio Ltd.) Hidden

Mendeley Desktop 1.17.10 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.10 - Mendeley Ltd.)

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27029 (HKLM-x32\...\{64ff2cb0-807c-4ee9-87ef-ec1b2ede0daf}) (Version: 14.16.27029.1 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27029 (HKLM-x32\...\{f50edb7e-c25e-47b4-bc4f-7ec4a4d256b1}) (Version: 14.16.27029.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)

Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)

Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{3B5AAF87-531E-4163-BE79-8989FC249173}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 52.0.2 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 es-ES)) (Version: 52.0.2 - Mozilla)

Mozilla Firefox 78.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 78.0.2 (x64 es-ES)) (Version: 78.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 78.0.2.7494 - Mozilla)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

msxml4 (HKLM-x32\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)

MusicBee 3.3.7310 (HKLM-x32\...\MusicBee) (Version: 3.3.7310 - Steven Mayall)

NoteBook FanControl (HKLM-x32\...\{6ccab7ac-feb0-4395-97e3-75cd6f6c407b}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare)

NoteBook FanControl (HKLM-x32\...\{C027E819-C64C-443E-B6D5-755FE4A7A925}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare) Hidden

Nox APP Player (HKLM-x32\...\Nox) (Version: 6.6.0.5 - Duodian Technology Co. Ltd.)

NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden

NVIDIA Controlador de audio HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)

NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.1 - OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden

OPC Core Components Redistributable (x64) 3.0.107.24 (HKLM\...\{725FFCF9-5D38-4249-8697-9BDB415E6B00}) (Version: 3.0.10700 - OPC Foundation) Hidden

OPC Core Components Redistributable (x86) 3.0.107.24 (HKLM-x32\...\{40656A0A-4B04-43D7-8F68-32B55B2A156D}) (Version: 3.0.10700 - OPC Foundation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version: - )

Opera Stable 68.0.3618.173 (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Opera 68.0.3618.173) (Version: 68.0.3618.173 - Opera Software)

Origin (HKLM-x32\...\Origin) (Version: 10.4.6.33873 - Electronic Arts, Inc.)

Panel de control de NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden

Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)

Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.60825 - Microsoft Corporation)

Pdfedit (HKLM-x32\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)

Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.230 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

R for Windows 3.3.3 (HKLM\...\R for Windows 3.3.3_is1) (Version: 3.3.3 - R Core Team)

R for Windows 4.0.0 (HKLM\...\R for Windows 4.0.0_is1) (Version: 4.0.0 - R Core Team)

RapidMiner Studio (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\RapidMiner Studio) (Version: 9.3.1.0 - RapidMiner)

Raspberry Pi Imager (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Raspberry Pi Imager) (Version: 1.3 - Raspberry Pi)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7661 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)

SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)

SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com)

Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)

Tipard iPhone Transfer Ultimate 8.2.30 (HKLM-x32\...\{03905CD1-11B5-4cae-9508-C0EAD274D250}_is1) (Version: 8.2.30 - Tipard Studio)

TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)

Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)

Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)

Vensim PLE x32 version 7.1 (HKLM-x32\...\{C934A5FC-6196-4706-93A7-6A602819FA9E}_is1) (Version: 7.1 - Ventana Systems, Inc.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)

Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

WinSCP 5.17.6 (HKLM-x32\...\winscp3_is1) (Version: 5.17.6 - Martin Prikryl)

Zoom (HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:

=========

ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-08-01] (ASUSTeK COMPUTER INC.)

Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]

Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-09] (MAGIX)

Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-12] (Netflix, Inc.)

Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-970227938-1326680726-1648082153-1002_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Henry Percy\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [Archivo no firmado]

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo

ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-10] (ESET, spol. s r.o. -> ESET)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)

ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-10] (ESET, spol. s r.o. -> ESET)

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [Archivo no firmado]

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)

ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo

ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Ningún archivo

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [Archivo no firmado]

ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo

ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-07-10] (ESET, spol. s r.o. -> ESET)

ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Archivo no firmado]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Local\Google\Chrome\User Data\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Menú de aplicaciones de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --show-app-list

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" D:\informacion\Anaconda3\Scripts\activate.bat D:\informacion\Anaconda3

ShortcutWithArgument: C:\Users\Henry Percy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Henry Armando - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Módulos cargados (Lista blanca) =============

2020-07-14 10:56 - 2020-07-14 10:56 - 000114176 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ctypes.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000172544 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_elementtree.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 002250240 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_hashlib.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000032256 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_multiprocessing.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000046080 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_psutil_windows.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000047616 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_socket.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 002819584 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ssl.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000026112 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_yappi.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000080896 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\bz2.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000016384 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\common.time34.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000007680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\hashobjs_ext.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000301568 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\PIL._imaging.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000168448 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pyexpat.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 001084416 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pysqlite2._sqlite.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000548864 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pythoncom27.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 000137728 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pywintypes27.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 000010752 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\select.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000020992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\thumbnails_ext.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000689664 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\unicodedata.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000119808 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\usb_ext.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000128512 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32api.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000438784 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32com.shell.shell.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000011776 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32crypt.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000023040 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32event.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000149504 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32file.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000223232 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32gui.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000048128 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32inet.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000029696 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pdh.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000027648 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pipe.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000044032 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32process.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32profile.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000136192 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32security.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000026624 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32ts.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000034816 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.conditional.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000038400 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.connectivity.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000071680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.device_monitor.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000109056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.volumes.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.winwrap.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 001325056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._controls_.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 001489408 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._core_.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 001007104 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000103424 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 000916992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd

2020-07-14 10:56 - 2020-07-14 10:56 - 001039872 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd

2020-06-03 23:23 - 2020-06-03 23:23 - 000111104 _____ (GalaSoft Laurent Bugnion @ hxxp://www.galasoft.ch) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\GalaSoft.Mv591a4917#\a222f7ef1c3479e9b29d2f6c9ac9c16a\GalaSoft.MvvmLight.Extras.ni.dll

2020-06-03 23:23 - 2020-06-03 23:23 - 000217600 _____ (GalaSoft Laurent Bugnion @ hxxp://www.galasoft.ch) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\GalaSoft.MvvmLight\39a9f4f71e186dc4f3e3b026e3823075\GalaSoft.MvvmLight.ni.dll

2020-06-03 23:23 - 2020-06-03 23:23 - 000155648 _____ (hardcodet.net) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Hardcodet.W6cab32f3#\cc6bf1fd869e0a9b6d24a4a77e196a37\Hardcodet.Wpf.TaskbarNotification.ni.dll

2018-03-13 19:59 - 2018-01-28 10:00 - 000075776 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll

2020-06-03 23:23 - 2020-06-03 23:23 - 000031232 _____ (Microsoft.Practices.ServiceLocation) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CommonServiceLocator\9db396000d75a4da70e45730a4c05edd\CommonServiceLocator.ni.dll

2020-06-03 23:22 - 2020-06-03 23:22 - 003709952 _____ (NLog) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NLog\e5abf5c32d7bdd67e230aeb0cdb8a3bf\NLog.ni.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 003043328 _____ (Python Software Foundation) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll

2020-06-03 23:22 - 2020-06-03 23:22 - 000016896 _____ (StagWare) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.BiosInfo\e5fa0dbcab7002074dfc4235f29e97ce\StagWare.BiosInfo.ni.dll

2020-06-03 23:23 - 2020-06-03 23:23 - 000039424 _____ (StagWare) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fa1fc2d056#\5a5592a78fa8bc05d8ef78a0747217bc\StagWare.FanControl.Service.ni.dll

2020-06-03 23:22 - 2020-06-03 23:22 - 000209408 _____ (StagWare) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fafc31ac88#\c1eb95a810e641cf539ad0d6de1fc527\StagWare.FanControl.Configurations.ni.dll

2020-06-03 23:22 - 2020-06-03 23:22 - 000147456 _____ (StagWare) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.FanControl\32fd0bc77419186a2a4c4218e16ffdf4\StagWare.FanControl.ni.dll

2020-06-03 23:23 - 2020-06-03 23:23 - 000039936 _____ (StagWare) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Settings\2df2f41fb42e883292f97b6c8b571199\StagWare.Settings.ni.dll

2020-06-03 23:22 - 2020-06-03 23:22 - 000141312 _____ (Tatham Oddie) [Archivo no firmado] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.IO.A6c43dedd#\e56daab44679b84c9f48347407022f9e\System.IO.Abstractions.ni.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 000202240 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 002831872 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 001654784 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 006542336 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 000773632 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll

2020-07-14 10:56 - 2020-07-14 10:56 - 000137216 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll

Segunda parte reporte FRST Addition

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\sharepoint.com -> hxxps://unaledu-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 08:25 - 2015-08-07 09:47 - 000004064 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
255.255.255.255 broadcasthost
127.0.0.1 local
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 telemetry.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 telemetry.appex.bing.net:443
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 survey.watson.microsoft.com
127.0.0.1 watson.live.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\Skype\Phone\;C:\Users\Henry Percy\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files (x86)\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\IBM\SPSS\Statistics\25\JRE\bin;C:\Program Files (x86)\NoteBook FanControl\
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Henry Percy\AppData\Roaming\Mozilla\Firefox\Fondo de escritorio.bmp
DNS Servers: 181.70.124.110 - 200.13.249.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: BITS => 3
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: NvTelemetryContainer => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Emsisoft Anti-Malware"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "UpdatePSTShortCut"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "Office Timeline Performance Helper"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\StartupApproved\Run: => "PTOneClick"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{AA313E07-276D-481F-811C-39D9EAAFD328}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae Half-Genie Hero\executable\ShantaeHero64.exe () [Archivo no firmado]
FirewallRules: [{86FDBA40-F2CB-4DC3-B7A0-FE259B9DA957}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae Half-Genie Hero\executable\ShantaeHero64.exe () [Archivo no firmado]
FirewallRules: [{C3D9AFD2-80C2-4D3F-BAD4-FDEB6C5D78D5}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae Half-Genie Hero\executable\ShantaeHero.exe () [Archivo no firmado]
FirewallRules: [{C056780F-009D-4143-8DAE-E439DD568C62}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae Half-Genie Hero\executable\ShantaeHero.exe () [Archivo no firmado]
FirewallRules: [{E83E674E-40FE-4154-9BE8-347C5DDD843F}] => (Allow) D:\SteamLibrary\SteamApps\common\Bendy and the Ink Machine\Bendy and the Ink Machine.exe () [Archivo no firmado]
FirewallRules: [{F37B24E1-E8DB-4E1A-8F6D-98FFF0746A53}] => (Allow) D:\SteamLibrary\SteamApps\common\Bendy and the Ink Machine\Bendy and the Ink Machine.exe () [Archivo no firmado]
FirewallRules: [{C89E8DFF-558E-4632-8BF2-B5907642E68D}] => (Allow) D:\SteamLibrary\SteamApps\common\Gato Roboto\GatoRoboto.exe () [Archivo no firmado]
FirewallRules: [{BEB72986-ED5E-4379-8E39-0881C5FF3CA7}] => (Allow) D:\SteamLibrary\SteamApps\common\Gato Roboto\GatoRoboto.exe () [Archivo no firmado]
FirewallRules: [{9BA20A08-8043-4145-B040-2FA18E10735B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{28677C23-1361-44E1-95E2-E701C0736CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{50D6751F-1108-4A85-BFD3-2F83FA5BB964}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{325170C9-FD7E-4FA4-8E09-E1010AA90936}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{41666DC5-E8FF-4E1A-B6CD-241E47F03635}] => (Allow) D:\SteamLibrary\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [Archivo no firmado]
FirewallRules: [{720FFA57-4741-43DA-9F73-5C1281EF75D6}] => (Allow) D:\SteamLibrary\SteamApps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [Archivo no firmado]
FirewallRules: [{EB7D1A41-8FC4-4388-AFE5-6C46DB749652}] => (Allow) D:\SteamLibrary\SteamApps\common\DrinkBox_Game4\Game.exe () [Archivo no firmado]
FirewallRules: [{A2475479-B8D7-4B1D-8246-6C1AF09A02A4}] => (Allow) D:\SteamLibrary\SteamApps\common\DrinkBox_Game4\Game.exe () [Archivo no firmado]
FirewallRules: [{C1058ED1-8732-4CD5-BAF2-EDE299544535}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CFE34FC-9584-4314-8E1D-65F2E2937B89}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{32EF027F-3813-48A3-A478-4A937788BAD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B027BBF-B056-4EA4-92C2-1AC9EF450928}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6CCBC7F5-2533-42DA-96D9-3090521BAFC3}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Archivo no firmado]
FirewallRules: [{5129C041-79C1-46BF-AD41-4EAEB8F0A017}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Archivo no firmado]
FirewallRules: [{DE476724-06DB-4500-8839-4431F4C8EAC6}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{8BF16A98-2005-432E-9B27-6AEAFEFA9B1A}] => (Allow) D:\SteamLibrary\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{7B7F6E01-AE79-4D0F-8DBA-8FAB7B70ECEA}] => (Allow) D:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [Archivo no firmado]
FirewallRules: [{77ECA94D-B58A-48E6-8926-F5888E2231ED}] => (Allow) D:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe () [Archivo no firmado]
FirewallRules: [{0CC5F43A-302A-47FD-AADF-0EFF297B5296}] => (Allow) D:\SteamLibrary\SteamApps\common\Jamestown\Jamestown.exe () [Archivo no firmado]
FirewallRules: [{AB9AA83A-1365-49B3-9B78-3DBBC106ED89}] => (Allow) D:\SteamLibrary\SteamApps\common\Jamestown\Jamestown.exe () [Archivo no firmado]
FirewallRules: [{F5B27208-D9D3-4B08-BF50-5E1AE3756A66}] => (Allow) D:\SteamLibrary\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{E0927137-F1E5-46E6-822E-AF9A7551B2EC}] => (Allow) D:\SteamLibrary\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> )
FirewallRules: [{C1F06F73-59FC-441F-85CC-819E72084348}] => (Allow) D:\SteamLibrary\SteamApps\common\DISTRAINT\distraint.exe () [Archivo no firmado]
FirewallRules: [{6E9F03E7-140C-4A80-8217-DD08CD3E1D7C}] => (Allow) D:\SteamLibrary\SteamApps\common\DISTRAINT\distraint.exe () [Archivo no firmado]
FirewallRules: [{BEC3D09E-6FE7-4AE9-B4B9-764E99368BF2}] => (Allow) D:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe () [Archivo no firmado]
FirewallRules: [{C857E543-9F64-4050-B565-19BB0D8DABCB}] => (Allow) D:\SteamLibrary\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe () [Archivo no firmado]
FirewallRules: [{DEBF2A1B-4E20-4046-876A-AFE1F8C7E7C1}] => (Allow) D:\SteamLibrary\SteamApps\common\mark_of_the_ninja\bin\game.exe (Klei Entertainment Inc.) [Archivo no firmado]
FirewallRules: [{6BEECD62-D24C-4255-B0A7-D7D7E32288B1}] => (Allow) D:\SteamLibrary\SteamApps\common\mark_of_the_ninja\bin\game.exe (Klei Entertainment Inc.) [Archivo no firmado]
FirewallRules: [{848B951A-A7E1-4D62-A06C-10E80B5E8CF4}] => (Allow) D:\SteamLibrary\SteamApps\common\Orwell\Orwell.exe () [Archivo no firmado]
FirewallRules: [{E06DC431-1E1D-4B5E-A245-84C20431C217}] => (Allow) D:\SteamLibrary\SteamApps\common\Orwell\Orwell.exe () [Archivo no firmado]
FirewallRules: [{70D9A615-CBDE-44E1-9527-5E45B6756BC7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F1105E0-2EF4-4CF6-9AB2-2A538BE54521}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{96197A3E-E51A-4E23-9A90-FCA929830219}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09E093D7-A220-4BF6-8FF5-335B68AECD84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1460879-D977-40D0-88F7-792B1F89D2CD}] => (Allow) D:\SteamLibrary\SteamApps\common\Doki Doki Literature Club\DDLC.exe () [Archivo no firmado]
FirewallRules: [{5A145DB0-4FFA-4E2E-8AE0-8B0168BEC0CF}] => (Allow) D:\SteamLibrary\SteamApps\common\Doki Doki Literature Club\DDLC.exe () [Archivo no firmado]
FirewallRules: [{263CF342-DF54-453E-9352-495D97062625}] => (Allow) D:\SteamLibrary\SteamApps\common\RiskysRevenge\executable\RiskysRevenge.exe (Wayforward Technologies) [Archivo no firmado]
FirewallRules: [{7EFD5C37-3607-4D85-9FDC-A58DB71F3F88}] => (Allow) D:\SteamLibrary\SteamApps\common\RiskysRevenge\executable\RiskysRevenge.exe (Wayforward Technologies) [Archivo no firmado]
FirewallRules: [{7A991FCC-AB1A-4CB2-A667-6FEC288C7D4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hollow Knight\hollow_knight.exe () [Archivo no firmado]
FirewallRules: [{5CA9B006-E7CD-4278-92EC-25F9A81072CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hollow Knight\hollow_knight.exe () [Archivo no firmado]
FirewallRules: [{E0C265E4-8DE2-44B2-8672-85D9D9F1AFD0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5937A7EB-D2EB-4961-9DAA-C64735909530}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{49C59312-B52D-4443-BCD1-AD7B17601BE3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe () [Archivo no firmado]
FirewallRules: [{2DA80D34-F7F4-4EE5-AB81-A094B5B16B87}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe () [Archivo no firmado]
FirewallRules: [{A79523E3-F2DC-440C-849D-199B5254F863}] => (Allow) D:\SteamLibrary\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [Archivo no firmado]
FirewallRules: [{014EE805-B5B5-4228-8B8A-FAD80872F666}] => (Allow) D:\SteamLibrary\SteamApps\common\Darksiders II Deathinitive Edition\Darksiders2.exe () [Archivo no firmado]
FirewallRules: [{A64408BB-B2BA-40A2-81BA-760D11A1F7EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC03292E-C88D-49C5-8B32-03657C4CC4DA}] => (Allow) D:\SteamLibrary\SteamApps\common\Retro City Rampage\retrocityrampage.exe () [Archivo no firmado]
FirewallRules: [{8BEC54D9-9072-459A-AF70-52D6C4B27354}] => (Allow) D:\SteamLibrary\SteamApps\common\Retro City Rampage\retrocityrampage.exe () [Archivo no firmado]
FirewallRules: [{9F4DBB97-916A-40FE-AF0F-C309115B4807}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Archivo no firmado]
FirewallRules: [{40B45002-05EB-405A-8017-33BF9F898534}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [Archivo no firmado]
FirewallRules: [{3C4B978A-B3F9-4CF8-8777-08ADB519940F}] => (Allow) D:\SteamLibrary\SteamApps\common\Portal Stories Mel\portal2.exe () [Archivo no firmado]
FirewallRules: [{BEA72C56-F5B2-4248-A575-756862CFA298}] => (Allow) D:\SteamLibrary\SteamApps\common\Portal Stories Mel\portal2.exe () [Archivo no firmado]
FirewallRules: [{9767C3CB-7477-41AF-8EF4-8F4345A29E2B}] => (Allow) D:\SteamLibrary\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe () [Archivo no firmado]
FirewallRules: [{74CE579D-0635-4022-B523-66BE6E50B8CA}] => (Allow) D:\SteamLibrary\SteamApps\common\Lone Survivor\LoneSurvivor\LoneSurvivor.exe () [Archivo no firmado]
FirewallRules: [{12F2E19B-30C3-45FA-8A98-81040C02F063}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae and the Pirate's Curse\ShantaeCurse.exe () [Archivo no firmado]
FirewallRules: [{0A0B8B88-1FD9-43DA-86F6-5C2A82EAED5C}] => (Allow) D:\SteamLibrary\SteamApps\common\Shantae and the Pirate's Curse\ShantaeCurse.exe () [Archivo no firmado]
FirewallRules: [{EAAC83B7-0C8C-4EE7-A57A-A7FFC49F9B04}] => (Allow) D:\SteamLibrary\SteamApps\common\Yosumin\Yosumin.exe (SQUARE ENIX CO., LTD.) [Archivo no firmado]
FirewallRules: [{2747EF7F-960F-45BC-B77A-EF3F2643C76C}] => (Allow) D:\SteamLibrary\SteamApps\common\Yosumin\Yosumin.exe (SQUARE ENIX CO., LTD.) [Archivo no firmado]
FirewallRules: [{7CD7A404-F66F-4F04-A2F5-37C93CA39CC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{342F7879-1CF9-4F5C-9977-BFE3AC973960}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5063CB4-AC5F-49FC-86ED-6768FECC4F48}] => (Allow) D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe (DoubleDutch Games) [Archivo no firmado]
FirewallRules: [{86282CF9-AB31-42C7-9DDE-A1B049B44D01}] => (Allow) D:\SteamLibrary\SteamApps\common\SpeedRunners\SpeedRunners.exe (DoubleDutch Games) [Archivo no firmado]
FirewallRules: [{05619E82-6FD8-4A8B-8FA4-0338AAC027D9}] => (Allow) D:\Origin Games\Bejeweled 3\Bejeweled3.exe (PopCap Games -> )
FirewallRules: [{B2C171CB-FE2B-4982-9C20-CCFCF8BECDFC}] => (Allow) D:\Origin Games\Bejeweled 3\Bejeweled3.exe (PopCap Games -> )
FirewallRules: [{6284E92C-E6F1-41A5-9D3A-ED0DE1B60FA2}] => (Allow) LPort=1900
FirewallRules: [{C87F2148-4D5F-487D-BD65-394DBF5898A1}] => (Allow) LPort=2869
FirewallRules: [{CA02B2CB-0F25-4A70-AC84-7D2FAAC2317C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5B8612C0-407E-43A8-9980-5CBAC3049D8E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3525CE20-8136-4564-BA22-0943F2DCBFD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{10AB87F4-6636-4458-83C3-38CE2CC610E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe () [Archivo no firmado]
FirewallRules: [{43561E55-9868-4467-919A-6BE63A2C2263}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe () [Archivo no firmado]
FirewallRules: [{8B95694B-CCDD-4AE7-B8C1-7B7E23506507}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{AE46230A-0E88-4B68-96EC-B326730A6DF2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{0E2D9F2F-F1D1-4BEC-AAF8-3E2A3E2E8719}] => (Allow) D:\Origin Games\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{078A0FE9-4F8A-4E60-B2B0-A74D95D91DCC}] => (Allow) D:\Origin Games\Peggle Deluxe\Peggle.exe (Electronic Arts -> )
FirewallRules: [{03C841DC-CBF6-41BA-BAFC-ED3DBE771EF7}] => (Allow) D:\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe (EA Digital Illusions CE AB -> EA Digital Illusions CE AB)
FirewallRules: [{7A10D468-5D54-4496-B63B-362ADD5A7006}] => (Allow) D:\Origin Games\Mirrors Edge\Binaries\MirrorsEdge.exe (EA Digital Illusions CE AB -> EA Digital Illusions CE AB)
FirewallRules: [{5484A132-8204-4BD3-B2AE-32BE37C26879}] => (Allow) D:\SteamLibrary\SteamApps\common\Strider\Strider.exe () [Archivo no firmado]
FirewallRules: [{7F6FA66B-6E17-4184-AB07-86AC278C90DC}] => (Allow) D:\SteamLibrary\SteamApps\common\Strider\Strider.exe () [Archivo no firmado]
FirewallRules: [{200D22CD-81F5-4C72-8BA1-C08D7BEDDEEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{160EA244-D510-481A-8465-86968EEF3EA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{913688BE-1E29-48A2-ADFE-212930648263}] => (Allow) D:\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [{3C867296-A9D3-42FF-B15B-A9841D04CA54}] => (Allow) D:\SteamLibrary\SteamApps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [{E01E05C1-0D00-4FAB-B535-0D0E338828D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Archivo no firmado]
FirewallRules: [{6671A37A-6D44-45B4-BB2C-9BE4EB055FAF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{9C7F292F-151A-4F03-B73D-7F89167C288B}D:\informacion\downloads\tixati_portable\tixati_windows64bit.exe] => (Block) D:\informacion\downloads\tixati_portable\tixati_windows64bit.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [UDP Query User{03BF4DE5-1159-4BE8-9A49-079D09118C92}D:\informacion\downloads\tixati_portable\tixati_windows64bit.exe] => (Block) D:\informacion\downloads\tixati_portable\tixati_windows64bit.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [{23451C69-5506-46A5-91D7-8BFA599DD399}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketbirds_hardboiled\Game.exe () [Archivo no firmado]
FirewallRules: [{03467996-35C0-4432-B265-2624C4DE41B8}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketbirds_hardboiled\Game.exe () [Archivo no firmado]
FirewallRules: [{1372BBE2-8E7B-49D6-AAAF-52BC7EDE9614}] => (Allow) D:\SteamLibrary\SteamApps\common\La-Mulana\LaMulanaWin.exe () [Archivo no firmado]
FirewallRules: [{4E259B3D-6116-4965-8352-282448FECC8A}] => (Allow) D:\SteamLibrary\SteamApps\common\La-Mulana\LaMulanaWin.exe () [Archivo no firmado]
FirewallRules: [{21E837D3-063D-488A-8BC8-CDF9B2342A2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2705D429-BF55-4EFF-A36C-704898E26378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B358483B-A27E-4906-8006-0A9E403A569E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FB6929C-D5CA-491E-973E-F134B90B10EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7C14DAC-E09A-4BEE-A0C8-76E3E43937A1}] => (Allow) D:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [Archivo no firmado]
FirewallRules: [{A10FEB3C-3D93-480E-9600-7055EEE2C055}] => (Allow) D:\SteamLibrary\SteamApps\common\FTL Faster Than Light\FTLGame.exe () [Archivo no firmado]
FirewallRules: [{6E51BA4A-E728-4D9B-95C9-9F50BD81DE70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poly Bridge\polybridge.exe () [Archivo no firmado]
FirewallRules: [{72B76636-063A-48D6-9FEC-ACA51937929F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Poly Bridge\polybridge.exe () [Archivo no firmado]
FirewallRules: [{A01BD8FC-0100-4964-80EF-00482D5DFD23}] => (Allow) D:\SteamLibrary\SteamApps\common\Cuphead\Cuphead.exe () [Archivo no firmado]
FirewallRules: [{5264F385-E39D-4171-81B6-008C62614697}] => (Allow) D:\SteamLibrary\SteamApps\common\Cuphead\Cuphead.exe () [Archivo no firmado]
FirewallRules: [{B7EED782-8D34-48FF-AD53-7C7758457F88}] => (Allow) D:\SteamLibrary\SteamApps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Archivo no firmado]
FirewallRules: [{BAE3D8BF-7AA1-49A0-87F8-EAEA20587F8E}] => (Allow) D:\SteamLibrary\SteamApps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Archivo no firmado]
FirewallRules: [{C743661F-C238-4DC0-892E-54727F5545C2}] => (Allow) C:\Users\Henry Percy\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9075EF41-2D4C-459F-963F-0E6B668FF64B}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{B87C8608-66AC-40BB-9924-807855CD27B4}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{55B5CC95-3106-4B04-93F0-6B549464703B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{FACFEB6C-7C9E-41AB-871B-4461ABB4A783}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{8A7C82C7-8D21-4DD2-ADDE-6501E7AAC99A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{977F8915-C788-4407-8F5A-C240679FFBF1}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{72525B1A-209C-43C9-8B85-F997276612AB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{118DB40D-19E7-4693-BBEF-6A1B4D78E811}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe (IBM -> IBM Corp.) [Archivo no firmado]
FirewallRules: [{B496345E-A107-495D-953C-AB87B1111785}] => (Allow) D:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe () [Archivo no firmado]
FirewallRules: [{6B78F77F-44F3-4C14-B11C-F6D636189273}] => (Allow) D:\SteamLibrary\SteamApps\common\Alan Wake\AlanWake.exe () [Archivo no firmado]
FirewallRules: [{13584EE5-E4DA-4C5D-80C5-7FDA064C331A}] => (Allow) D:\SteamLibrary\SteamApps\common\XCOM 2\Launcher\launcher.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{1DB23156-8A35-4F87-B39C-EEF8FB0F89AB}] => (Allow) D:\SteamLibrary\SteamApps\common\XCOM 2\Launcher\launcher.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{68749FA5-9B3D-4F4F-A1B3-C5F0A04A47BA}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{84A28F7B-969E-4C11-A11E-258F1D9C9674}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A08FE909-0634-4EF2-BCD3-13859BC9B091}] => (Allow) D:\SteamLibrary\SteamApps\common\The Messenger\TheMessenger.exe () [Archivo no firmado]
FirewallRules: [{682AA680-5F79-43AE-8A32-F75F391BAAE7}] => (Allow) D:\SteamLibrary\SteamApps\common\The Messenger\TheMessenger.exe () [Archivo no firmado]
FirewallRules: [{40A93402-3B22-40D9-B02D-49856ECBE521}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

06-07-2020 18:51:44 Installed Annotator 4.6.6.133
11-07-2020 09:23:30 Eliminación del paquete de idioma
14-07-2020 09:09:27 AdwCleaner_BeforeCleaning_14/07/2020_09:09:21

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (07/14/2020 11:04:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/14/2020 10:56:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: USBChargerPlus.exe, versión: 3.1.3.1, marca de tiempo: 0x51af834b
Nombre del módulo con errores: USBChargerPlus.exe, versión: 3.1.3.1, marca de tiempo: 0x51af834b
Código de excepción: 0xc000041d
Desplazamiento de errores: 0x000011a5
Identificador del proceso con errores: 0x1cf4
Hora de inicio de la aplicación con errores: 0x01d659f74538909d
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
Identificador del informe: 20905d5d-6adf-44d7-ac15-af7a297093a2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/14/2020 10:56:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: USBChargerPlus.exe, versión: 3.1.3.1, marca de tiempo: 0x51af834b
Nombre del módulo con errores: USBChargerPlus.exe, versión: 3.1.3.1, marca de tiempo: 0x51af834b
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000011a5
Identificador del proceso con errores: 0x1cf4
Hora de inicio de la aplicación con errores: 0x01d659f74538909d
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
Identificador del informe: 3b79945a-e356-4df9-a7e7-e54ba67fbe73
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/14/2020 09:27:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3716,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/14/2020 09:20:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/14/2020 09:09:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (07/14/2020 09:09:56 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (07/14/2020 09:09:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


Errores del sistema:
=============
Error: (07/14/2020 10:56:18 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: El equipo se reinició después de una comprobación de errores. La comprobación de errores fue: 0x00000124 (0x0000000000000000, 0xffff820e25482028, 0x00000000be000000, 0x0000000000800400). Se guardó un volcado en: C:\WINDOWS\MEMORY.DMP. Id. de informe: 102b9287-1c80-4e00-b34c-dac62c2b3e31.

Error: (07/14/2020 10:55:43 AM) (Source: volmgr) (EventID: 161) (User: )
Description: No se pudo crear el archivo de volcado debido a un error durante la creación del volcado.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/14/2020 10:54:37 AM) (Source: DCOM) (EventID: 10010) (User: HENRYPERCY)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


CodeIntegrity:
===================================

Date: 2020-07-14 11:00:20.810
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:58:00.535
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:58:00.517
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:57:58.219
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:57:58.208
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:54:04.717
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:54:04.710
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-07-14 10:54:04.697
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume14\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. N550JV.208 11/19/2013
Placa base: ASUSTeK COMPUTER INC. N550JV
Procesador: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Porcentaje de memoria en uso: 41%
RAM física total: 8011.25 MB
RAM física disponible: 4722.71 MB
Virtual total: 16203.25 MB
Virtual disponible: 12565.97 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:221.12 GB) (Free:108.74 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]
Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:119.47 GB) NTFS
Drive e: (UJUEGOS) (Fixed) (Total:371.44 GB) (Free:230.57 GB) NTFS

\\?\Volume{de8c141f-3d06-4192-a206-9309375faf34}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.54 GB) NTFS
\\?\Volume{7c2b8d12-2fb9-400b-ba39-62d80f14c0db}\ () (Fixed) (Total:0.82 GB) (Free:0.32 GB) NTFS
\\?\Volume{669facbc-456b-45c1-935f-4039df39bd88}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{6c1413b9-eb02-4d7f-8795-eba5b5a474e1}\ (Restore) (Fixed) (Total:20.01 GB) (Free:6.39 GB) NTFS
\\?\Volume{169d0c01-d153-4f82-bf68-59191beb4304}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.54 GB) NTFS
\\?\Volume{1f609ed4-56df-49ca-9e12-289b37e88e92}\ () (Fixed) (Total:0.82 GB) (Free:0.27 GB) NTFS
\\?\Volume{0991ed52-71cb-4ee8-8010-b4962841e4b8}\ () (Fixed) (Total:0.34 GB) (Free:0.32 GB) NTFS
\\?\Volume{75f1eda7-17aa-485d-9b76-45b126e4592f}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
\\?\Volume{3f3d1b05-f5ec-4255-bbde-ec9e32fb5e00}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2ADC1B83)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Final de Addition.txt =======================

Gracias por todo y estaré atento a sus respuesta

Hola @camus24

Malwarebytes menciona Sin acciones por parte del Usuario marcaste y enviaste todo a cuarentena?

Si no es así deberás volver a ejecutarlo, siguiendo el Manual y eliminando todo lo que te detecte, lo mismo con AdwCleaner y el Software Pre-instalado, si no lo utilizas, es mejor eliminarlo ya que consume recursos del sistema y por lo general no se utilizan para nada.

Esperamos esos reportes.

Salu2

Hola @SanMar

Yo eliminé todo, seguí el manual y las instrucciones al pie de la letra. Tanto en el Malwarebytes como en los demás. No sé porque no lo muestra ahí, pero yo envié todo a cuarentena o desinstale/eliminé lo que me marcaba como error. Los reportes son los que ya envié

Hola @camus24

Disculpa la demora, he estado como 24 hs sin Internet.

Tomaste el reporte de Malwarebytes luego de reiniciar o antes?, ya que por ello puede deberse el problema.

Con mucha atención sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

• Descarga/Ejecuta DelFix desde el escritorio de Windows.
• Clic Derecho, “Ejecutar como Administrador”.
• En la ventana principal, marca solamente la casilla “Create Registry Backup”.
• Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego ve a::

2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start::
CloseProcesses:
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [PTOneClick] => C:\Users\Henry Percy\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184120 2020-03-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{4B95ACA9-75CD-4442-AFC2-7D508B03711B}] -> Msiexec.exe /fu {4B95ACA9-75CD-4442-AFC2-7D508B03711B} /qn
GroupPolicy: Restricción ? <==== ATENCIÓN
Task: {04553AB6-D8B1-4C47-BD35-15798EBC32D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {153C2201-AE79-4492-9493-D9ED5B89F0BE} - System32\Tasks\{8CF2B0BF-D9B1-4D95-A5A9-EA00C548822D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.21.0.100&LastError=404
Task: {1C828256-374B-4BFE-8F74-1AE1A13E3347} - System32\Tasks\AdwCleaner_onReboot => E:\DOWNLOADS CUALQUIERAS\forospyware julio 2020\adwcleaner_8.0.6.exe [8420016 2020-07-14] (Malwarebytes Inc -> Malwarebytes)
Task: {3695FA15-3CCF-415D-BC5B-F7484F0096D3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {6225C13A-6DF4-4DD4-A987-5F8AB33FCB09} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {6C290EEE-9E96-4884-BD33-6000DB7806DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {7AB89C6B-6041-4392-BCEB-27B396A2AD64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {B6D50BBA-AA32-44AD-ADAA-C61912128B6F} - System32\Tasks\{952A8D83-D67D-4085-9807-B1323EC94F15} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.39.0.102&LastError=12029
Task: {C5AF0CCF-BFAE-427B-AC4D-63C9C1B3CE38} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {CBEB2CB5-99D3-4254-943C-9671EE9BCC71} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {D5A56737-ED96-4281-A94F-6E5530367E55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {DA26F807-D62A-48B0-814E-E3DA1B0AEE4D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7F3C426-6649-4EA3-B5CA-376978C6691D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {E91D202D-70DF-4D70-96E7-7A58000D8692} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E93AF17C-AEF4-4709-A24E-66DE486E06FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {EC1A27D0-94D2-48DC-872A-A4EEAD5A09CA} - System32\Tasks\Pantalla => "C:\Users\Henry Percy\pantalla.cmd"
Task: {EC61C5BB-AAAB-4A6C-A782-F477A4584B29} - System32\Tasks\{204DF228-A169-4DCF-B533-3AD3FE059620} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/es/abandoninstall?page=tsPlugin
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => no encontrado
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => no encontrado
CHR HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
2018-09-29 09:03 - 2018-09-29 09:03 - 000000000 _____ () C:\Users\Henry Percy\AppData\Local\oobelibMkey.log
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
2020-07-14 10:56 - 2020-07-14 10:56 - 000114176 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ctypes.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000172544 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_elementtree.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 002250240 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_hashlib.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000032256 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_multiprocessing.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000046080 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_psutil_windows.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000047616 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_socket.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 002819584 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ssl.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000026112 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_yappi.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000080896 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\bz2.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000016384 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\common.time34.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000007680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\hashobjs_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000301568 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\PIL._imaging.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000168448 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pyexpat.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001084416 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pysqlite2._sqlite.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000548864 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pythoncom27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000137728 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pywintypes27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000010752 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\select.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\thumbnails_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000689664 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\unicodedata.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000119808 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\usb_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000128512 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32api.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000438784 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32com.shell.shell.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000011776 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32crypt.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000023040 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32event.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000149504 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32file.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000223232 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32gui.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000048128 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32inet.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000029696 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pdh.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000027648 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pipe.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000044032 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32process.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32profile.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000136192 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32security.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000026624 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32ts.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000034816 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.conditional.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000038400 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.connectivity.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000071680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.device_monitor.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000109056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.volumes.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.winwrap.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001325056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._controls_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001489408 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._core_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001007104 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000103424 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000916992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001039872 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 003043328 _____ (Python Software Foundation) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000202240 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 002831872 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 001654784 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 006542336 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000773632 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000137216 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End:

• Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro >>> Aplicable a Windows 10. o Windows 7.

• Ejecute Frst.exe o Frst64.exe. según el caso.
• Presione el botón Fix/Corregir y aguarde a que termine.
• La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
• Reinicia y lo pega en su próxima respuesta.

Nos comentas, luego de reiniciar y probar, como sigue el equipo.

Salu2

Gracias @SanMar, realmente agradezco la ayuda. Esto lo hacen porque desean ayudar, que se demoren un poco no pasa nada.

El reporte de Malwarebytes lo tomé antes de reiniciar como comentas. Copio a continuación el reporte fixlog generado

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01
Ejecutado por Henry Percy (17-07-2020 23:36:04) Run:1
Ejecutado desde C:\Users\Henry Percy\Desktop
Perfiles cargados: Henry Percy
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
2020-07-14 10:56 - 2020-07-14 10:56 - 001007104 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000103424 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000916992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001039872 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 003043328 _____ (Python Software Foundation) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000202240 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 002831872 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 001654784 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 006542336 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000773632 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000137216 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End:
*****************

"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll" => no encontrado

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : ::c0f4:502a:d365:d70b
   Direcci¢n IPv6 temporal. . . . . . : ::9c79:3ce5:29ed:c280
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c0f4:502a:d365:d70b%13
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.4
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.254

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 48820950 B
Java, Flash, Steam htmlcache => 452497952 B
Windows/system/drivers => 15762337 B
Edge => 90716055 B
Chrome => 92453157 B
Firefox => 115169500 B
Opera => 14797659 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 35184 B
NetworkService => 35184 B
Henry Percy => 114207209 B
Administrator => 114221161 B

RecycleBin => 0 B
EmptyTemp: => 1019.7 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 23:36:37 ====

Muchas gracias y estoy mirando como sigue el computador, por el momento no ha dado ctrl+z solo en los navegadores o borrado cosas de Excel u otros programas

Perfecto, prueba el equipo dos o tres días apaga, prende y reinicias, así nos comentaras como sigue.

Salu2

Hola nuevamente:

Veo que se ejecuto incompleto el Fixlist, lo hiciste tal como te lo indique en el post 8 por que te falto incluir varias entradas

Salu2

No sé que pasó, lo voy a volver a correr. Tal vez copié mal los datos, lo que es raro. Lo haré nuevamente y volveré a pegar el reporte

Realicé nuevamente las instrcciones del post 8 y copio el resultado

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-07-2020 01
Ejecutado por Henry Percy (18-07-2020 07:19:18) Run:2
Ejecutado desde C:\Users\Henry Percy\Desktop
Perfiles cargados: Henry Percy
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start::
CloseProcesses:
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\...\Run: [PTOneClick] => C:\Users\Henry Percy\AppData\Local\Webex\Webex\Applications\ptoneclk.exe [7184120 2020-03-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{4B95ACA9-75CD-4442-AFC2-7D508B03711B}] -> Msiexec.exe /fu {4B95ACA9-75CD-4442-AFC2-7D508B03711B} /qn
GroupPolicy: Restricción ? <==== ATENCIÓN
Task: {04553AB6-D8B1-4C47-BD35-15798EBC32D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {153C2201-AE79-4492-9493-D9ED5B89F0BE} - System32\Tasks\{8CF2B0BF-D9B1-4D95-A5A9-EA00C548822D} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.21.0.100&LastError=404
Task: {1C828256-374B-4BFE-8F74-1AE1A13E3347} - System32\Tasks\AdwCleaner_onReboot => E:\DOWNLOADS CUALQUIERAS\forospyware julio 2020\adwcleaner_8.0.6.exe [8420016 2020-07-14] (Malwarebytes Inc -> Malwarebytes)
Task: {3695FA15-3CCF-415D-BC5B-F7484F0096D3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {6225C13A-6DF4-4DD4-A987-5F8AB33FCB09} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {6C290EEE-9E96-4884-BD33-6000DB7806DD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {7AB89C6B-6041-4392-BCEB-27B396A2AD64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {B6D50BBA-AA32-44AD-ADAA-C61912128B6F} - System32\Tasks\{952A8D83-D67D-4085-9807-B1323EC94F15} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.39.0.102&LastError=12029
Task: {C5AF0CCF-BFAE-427B-AC4D-63C9C1B3CE38} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {CBEB2CB5-99D3-4254-943C-9671EE9BCC71} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {D5A56737-ED96-4281-A94F-6E5530367E55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {DA26F807-D62A-48B0-814E-E3DA1B0AEE4D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {E7F3C426-6649-4EA3-B5CA-376978C6691D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {E91D202D-70DF-4D70-96E7-7A58000D8692} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {E93AF17C-AEF4-4709-A24E-66DE486E06FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {EC1A27D0-94D2-48DC-872A-A4EEAD5A09CA} - System32\Tasks\Pantalla => "C:\Users\Henry Percy\pantalla.cmd"
Task: {EC61C5BB-AAAB-4A6C-A782-F477A4584B29} - System32\Tasks\{204DF228-A169-4DCF-B533-3AD3FE059620} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/es/abandoninstall?page=tsPlugin
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => no encontrado
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => no encontrado
CHR HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
2018-09-29 09:03 - 2018-09-29 09:03 - 000000000 _____ () C:\Users\Henry Percy\AppData\Local\oobelibMkey.log
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
2020-07-14 10:56 - 2020-07-14 10:56 - 000114176 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ctypes.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000172544 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_elementtree.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 002250240 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_hashlib.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000032256 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_multiprocessing.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000046080 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_psutil_windows.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000047616 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_socket.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 002819584 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ssl.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000026112 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_yappi.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000080896 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\bz2.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000016384 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\common.time34.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000007680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\hashobjs_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000301568 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\PIL._imaging.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000168448 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pyexpat.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001084416 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pysqlite2._sqlite.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000548864 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pythoncom27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000137728 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pywintypes27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000010752 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\select.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\thumbnails_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000689664 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\unicodedata.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000119808 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\usb_ext.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000128512 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32api.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000438784 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32com.shell.shell.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000011776 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32crypt.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000023040 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32event.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000149504 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32file.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000223232 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32gui.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000048128 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32inet.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000029696 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pdh.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000027648 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pipe.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000044032 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32process.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32profile.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000136192 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32security.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000026624 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32ts.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000034816 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.conditional.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000038400 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.connectivity.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000071680 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.device_monitor.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000109056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.volumes.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000020480 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.winwrap.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001325056 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._controls_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001489408 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._core_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001007104 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000103424 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 000916992 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 001039872 _____ () [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd
2020-07-14 10:56 - 2020-07-14 10:56 - 003043328 _____ (Python Software Foundation) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000202240 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 002831872 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 001654784 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 006542336 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000773632 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll
2020-07-14 10:56 - 2020-07-14 10:56 - 000137216 _____ (wxWidgets development team) [Archivo no firmado] C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
End:
*****************

Procesos cerrados correctamente.
"HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Software\Microsoft\Windows\CurrentVersion\Run\\PTOneClick" => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{4B95ACA9-75CD-4442-AFC2-7D508B03711B} => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04553AB6-D8B1-4C47-BD35-15798EBC32D5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04553AB6-D8B1-4C47-BD35-15798EBC32D5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{153C2201-AE79-4492-9493-D9ED5B89F0BE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{153C2201-AE79-4492-9493-D9ED5B89F0BE}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{8CF2B0BF-D9B1-4D95-A5A9-EA00C548822D} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8CF2B0BF-D9B1-4D95-A5A9-EA00C548822D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C828256-374B-4BFE-8F74-1AE1A13E3347}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C828256-374B-4BFE-8F74-1AE1A13E3347}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3695FA15-3CCF-415D-BC5B-F7484F0096D3}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3695FA15-3CCF-415D-BC5B-F7484F0096D3}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6225C13A-6DF4-4DD4-A987-5F8AB33FCB09}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6225C13A-6DF4-4DD4-A987-5F8AB33FCB09}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C290EEE-9E96-4884-BD33-6000DB7806DD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C290EEE-9E96-4884-BD33-6000DB7806DD}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AB89C6B-6041-4392-BCEB-27B396A2AD64}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AB89C6B-6041-4392-BCEB-27B396A2AD64}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6D50BBA-AA32-44AD-ADAA-C61912128B6F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6D50BBA-AA32-44AD-ADAA-C61912128B6F}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{952A8D83-D67D-4085-9807-B1323EC94F15} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{952A8D83-D67D-4085-9807-B1323EC94F15}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5AF0CCF-BFAE-427B-AC4D-63C9C1B3CE38}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5AF0CCF-BFAE-427B-AC4D-63C9C1B3CE38}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBEB2CB5-99D3-4254-943C-9671EE9BCC71}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBEB2CB5-99D3-4254-943C-9671EE9BCC71}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5A56737-ED96-4281-A94F-6E5530367E55}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5A56737-ED96-4281-A94F-6E5530367E55}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA26F807-D62A-48B0-814E-E3DA1B0AEE4D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA26F807-D62A-48B0-814E-E3DA1B0AEE4D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7F3C426-6649-4EA3-B5CA-376978C6691D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7F3C426-6649-4EA3-B5CA-376978C6691D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E91D202D-70DF-4D70-96E7-7A58000D8692}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E91D202D-70DF-4D70-96E7-7A58000D8692}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E93AF17C-AEF4-4709-A24E-66DE486E06FF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E93AF17C-AEF4-4709-A24E-66DE486E06FF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EC1A27D0-94D2-48DC-872A-A4EEAD5A09CA}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC1A27D0-94D2-48DC-872A-A4EEAD5A09CA}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Pantalla => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pantalla" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC61C5BB-AAAB-4A6C-A782-F477A4584B29}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC61C5BB-AAAB-4A6C-A782-F477A4584B29}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{204DF228-A169-4DCF-B533-3AD3FE059620} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{204DF228-A169-4DCF-B533-3AD3FE059620}" => eliminado correctamente
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => no encontrado
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}" => eliminado correctamente
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\[email protected]" => eliminado correctamente
HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => eliminado correctamente
C:\Users\Henry Percy\AppData\Local\oobelibMkey.log => movido correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\DriveFS 28 or later => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ctypes.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_elementtree.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_hashlib.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_multiprocessing.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_psutil_windows.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_socket.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_ssl.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\_yappi.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\bz2.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\common.time34.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\hashobjs_ext.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\PIL._imaging.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pyexpat.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pysqlite2._sqlite.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pythoncom27.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\pywintypes27.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\select.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\thumbnails_ext.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\unicodedata.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\usb_ext.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32api.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32com.shell.shell.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32crypt.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32event.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32file.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32gui.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32inet.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pdh.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32pipe.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32process.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32profile.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32security.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\win32ts.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.conditional.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.connectivity.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.device_monitor.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.volumes.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\windows.winwrap.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._controls_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._core_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._gdi_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._html2.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._misc_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wx._windows_.pyd" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\python27.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_net_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxbase30u_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_adv_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_core_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_html_vc90_x64.dll" => no encontrado
"C:\Users\Henry Percy\AppData\Local\Temp\_MEI106922\wxmsw30u_webview_vc90_x64.dll" => no encontrado

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-970227938-1326680726-1648082153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7423164 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 454328 B
Edge => 6569567 B
Chrome => 32500994 B
Firefox => 39988435 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5028 B
NetworkService => 5028 B
Henry Percy => 85374572 B
Administrator => 85374572 B

RecycleBin => 0 B
EmptyTemp: => 255.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 07:19:29 ====

Gracias

Hola @camus24

Ahora si, prueba el equipo y nos comentas como sigue.

Salu2

Hola @SanMar

Llevo probando todos estos días y no ha vuelto a pasar nada. Agradezco mucho su ayuda, pensé que mi computador estaba bien con los mantenimientos mensuales, pero ustedes saben más y encontraron el problema y solucionaron. No sé que causó eso, pero gracias por solucionarlo

Hola @camus24

Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
• Marca las casilla Remove disinfection tools y Purgue Sistem Restore
• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Que bueno que hayamos podido resolver tu consulta…

Para otros problemas, ya sabes donde encontrarnos.

Salu2.