No puedo eliminar: Heuristic.suspect - Win32.Floodfix

Tengo una laptop con windows 7 64 bits, 16 ram, Hace unos dias , estaba buscando archivos para descargar , asi q tuve que recurrir a paginas dudosas , y aunque tenia instalado el malwarebytes atimalware tuve q desactivarlo un momento , el detalle es que ,al final se debe haber instalado unos cuantos virus, porq primeramente me di cuenta que despues cuando quise reactivar el malwarebytes para scanear , salia un mensaje de error: “mbam.exe-Error de aplicacion: La aplicacion no se pudo iniciar correctamente (0xc0000005). Haga clic en Aceptar para cerrarla.” y creo que tampoco me dejo instalar el kaspersky antivirus , me salio error desconocido, luego se me ocurrio iniciar en modo a prueba de fallos con funcion de red , intente instalar kaspersky y tampoco , entonces corri su tdskiller , encontro varios problemas , reinicie pero salio pantalla azul , luego entre nuevamente , en modo a prueba de fallos , cambie a reinicio normal , y seguiia igual q no me abria el malwarebytes , desinstale despues en modo a prueba de falla el malwarebytes, reinstale , en modo normal seguia saltando ese error , despues instale el avast , aparentemente todo bien , me decia q estaba protejido , pero yo sospechaba q seguia algo ahi , descidi consultar su pagina infospyware ahi encontre ZHPCLEANER 2020 , lo ejecute , encontre varios adwares , encontro como 6 , los elimine , todo bien , desinstale el avast , instale el malwarebytes ,todo inicio bien , el detalle que despues cuando volvi a reiniciar la laptop .me di cuenta q no iniciaba el malwarebytes solo, lo ejecute y volvio a salir el error , volvi a pasar el ZHPCLEANER , y encontro : Heuristic.suspect , ejecute reparar , lo elimino, reinicie la laptop , y volvi a pasar ZHPCLEANER , y lo encontro de nuevo ,es como si se replicara con cada reinicio, intente instalar zonealarm antivirus , y no me deja: dice que no se realizo el ultimo reinicio del sistema , y que debo reiniciar, no me deja instalar antivirus. gracias

Hola, y bienvenido.

Aun tienes instalado MalwareBytes? es legal (descargado e instalado desde su web oficial) o crackeado?

es crakeado , pero nunca me dio ese error , hasta ese dia

Y como crees que algo que esta crackeado ilgelmente y que trae algún bicho dentro elimine a otro? :roll_eyes:. Sigue la siguiente instrucción que te dejo mas abajo por favor.

  • Entra a este enlace, una vez dentro de esta pagina/manual, baja hacia abajo y encontraras el software para desinstalar Mbam, llamado “MB-Clean”, descargalo y sigue los pasos que se te indica en el programa.

Una vez desinstalado por completo Malwarebytes, no instales nada mas, no toques nada del sistema ni descargues nadas, solo ven de nuevo aquí y nos comentas para seguir trabajando en tu equipo.

ya ejecute el limpiador de malwarebytes, solo salio un mensaje diciendo que cargue los resultados:

2020-01-28 13:57:13.520   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2020-01-28 13:57:18.868   No Malwarebytes software installed.
2020-01-28 13:57:26.122   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2020-01-28 13:57:26.123   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2020-01-28 13:57:26.123   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMChameleon.sys
2020-01-28 13:57:26.127   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2020-01-28 13:57:26.128   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2020-01-28 13:57:26.129   Trying to delete file or folder: C:\Windows\system32\drivers\mbam.sys
2020-01-28 13:57:26.130   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2020-01-28 13:57:26.135   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMSwissArmy.sys
2020-01-28 13:57:26.136   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy
2020-01-28 13:57:26.137   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2020-01-28 13:57:26.138   Trying to delete file or folder: C:\Windows\system32\drivers\mwac.sys
2020-01-28 13:57:29.422   Trying to delete path C:\ProgramData\Malwarebytes\
2020-01-28 13:57:29.422   Trying to delete path C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\
2020-01-28 13:57:29.423   Trying to delete path C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\
2020-01-28 13:57:29.425   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\4473655832.data
2020-01-28 13:57:29.428   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\4933409569.data
2020-01-28 13:57:29.430   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\4933409569.quar
2020-01-28 13:57:29.432   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\5011919337.data
2020-01-28 13:57:29.432   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine\
2020-01-28 13:57:29.433   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\
2020-01-28 13:57:29.434   Trying to delete path C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\
2020-01-28 13:57:29.435   Trying to delete path C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\
2020-01-28 13:57:29.435   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\
2020-01-28 13:57:29.436   Trying to delete file or folder: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\
2020-01-28 13:57:29.437   Trying to delete file or folder: C:\ProgramData\Malwarebytes\
2020-01-28 13:57:29.441   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2020-01-28 13:57:29.443   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2020-01-28 13:57:29.443   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2020-01-28 13:57:29.445   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=3))
2020-01-28 13:57:29.448   --------END OF LOG FILE ----------

antes que me digas este limpiador, ya habia desinstalado malwarebyes , antes de esto corri el malwarebytes antirootkit , en una primera vez desinstalo , ahora quise ejecutar de nuevo y no carga , dice q un driver DDA no esta instalado por talvez actividad rootkit

sigo teniendo ese Heuristic.suspect, como q se replica con cada reinicio, se autoparchea este ■■■■ virus, osea en una primera vez q pude correr el malwarebytes antirootkit, apesar q me elimino 15 amenazas, no pudo con este virus… ahora me ha inutilizado el malwarebytes

holaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa que fue?, pueden ayudar o no?

Hola chicos y permiso:

Paciencia compañero, somos una comunidad de ayudantes voluntarios que tenemos nuestra vida, trabajos, familia etc, si estas apurado ve y paga un Servicio Técnico.

Ahora si tienes paciencia si te podemos ayudar.

Como no somos adivinos y no vemos tu equipo debes pegarnos los reportes de todas las herramientas que ejecutaste y te detectaron algo.

Especialmente el de ZHPCLEANER ultimo y el del AntiRootkits.


Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

Disculpa fui muy apresurado , esq tengo este problema ya 1 semana, y no recurro a tecnicos , porque no saben nada, lo unico q diran sera hay q formatear , pensando ellos , que uno no sabe nada , yo mismo puedo formatear mi lap, asi que recurro a uds por ser conocedores del tema; ok pase nuevamente el ZPHCLEANER y dejo el primer reporte del malwarebytes anti rootkit, ahora no me funciona el antirootkit:

~ ZHPCleaner v2020.1.23.174 by Nicolas Coolman (2020/01/23) ~ Run by MARCO (Administrator) (29/01/2020 08:20:22) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Scanner ~ Report : C:\Users\MARCO\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\MARCO\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) **---\ Alternate Data Stream (ADS). (0)** ~ No malintencionados o innecesarios artículos encontrados. (ADS) **---\ Servicios (0)** ~ No malintencionados o innecesarios artículos encontrados. (Servicio) **---\ Navegadores de Internet (0)** ~ No malintencionados o innecesarios artículos encontrados. (Navegador) **---\ Hosts carpeta (1)** ~ El archivo hosts es legítimo (40) **---\ Tareas automáticas programadas. (0)** ~ No malintencionados o innecesarios artículos encontrados. (Tarea) **---\ Explorador ( Archivos, Carpetas ) (1)** ENCONTRADOS carpeta: C:\Windows\Temp\update.exe =>Heuristic.Suspect **---\ Registro ( Claves, Valores, Datos) (0)** ~ No malintencionados o innecesarios artículos encontrados. (Register) **---\ Resumen de elementos en su estación de trabajo (1)** https://nicolascoolman.eu/wp-content/uploads/2019/01/Informations-Sécurité-Zone-antimalware.jpg =>Heuristic.Suspect **---\ Resultado de la reparación.** ~ ninguna reparación hecha ~ Google Chrome OK ~ Mozilla Firefox OK ~ Internet Explorer OK **---\ STATISTIQUES** ~ Items escaneado : 81684 ~ Items encontrado : 1 ~ artículos cancelados : 0 ~ Ahorro de espacio (bytes) : 0 ~ Items opciones : 8/15 **---\ OPCIONES NO ACTIVAS** ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ End of search in 00h14mn09s **---\ Reporte (5)** ZHPCleaner-[R]-28012020-13_35_59.txt ZHPCleaner-[S]-28012020-10_13_58.txt ZHPCleaner-[S]-28012020-13_00_30.txt ZHPCleaner-[S]-28012020-14_04_07.txt ZHPCleaner-[S]-29012020-08_34_31.txt

y mi primer reporte de malwarebytes antirootkit , que ahora ya no carga:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.01.28.06
  rootkit: v2020.01.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
MARCO :: MARCO-PC [administrator]

28/01/2020 10:23:43
mbar-log-2020-01-28 (10-23-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 206633
Time elapsed: 25 minute(s), 43 second(s)

Memory Processes Detected: 2
C:\Windows\system\explorer.exe (Backdoor.Agent.Generic) -> 3304 -> Delete on reboot. [be482f192ea85adc6892648133cff808]
C:\Windows\system\svchost.exe (Backdoor.Agent.Generic) -> 3296 -> Delete on reboot. [a363e068b620122437c3f6ef03ff6b95]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Explorer (Backdoor.Agent.Generic) -> Data: c:\windows\system\explorer.exe RO -> Delete on reboot. [be482f192ea85adc6892648133cff808]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|Svchost (Backdoor.Agent.Generic) -> Data: c:\windows\system\svchost.exe RO -> Delete on reboot. [a363e068b620122437c3f6ef03ff6b95]

Registry Data Items Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell (Backdoor.Agent.Generic) -> Bad: (c:\windows\system\explorer.exe) Good: () -> Replace on reboot. [be482f192ea85adc6892648133cff808]

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Windows\system\explorer.exe (Backdoor.Agent.Generic) -> Delete on reboot. [be482f192ea85adc6892648133cff808]
C:\Windows\system\svchost.exe (Backdoor.Agent.Generic) -> Delete on reboot. [a363e068b620122437c3f6ef03ff6b95]
C:\Users\MARCO\AppData\Roaming\mrsys.exe (Backdoor.Agent.Generic) -> Delete on reboot. [a46221277660da5cab4ff7ee768cef11]
C:\Users\MARCO\AppData\Local\icsys.icn.exe (Backdoor.Agent.Generic) -> Delete on reboot. [d2345aee0dc900360cee2eb72fd3c838]
C:\Users\MARCO\AppData\Local\stsys.exe (Backdoor.Agent.Generic) -> Delete on reboot. [6e984503726470c6ed0d905537cbde22]
C:\$Recycle.Bin\S-1-5-21-1981365817-1338075218-4232470481-1000\$RRQR6US.exe (Backdoor.Agent.Generic) -> Delete on reboot. [26e02226973f6cca9763ae37d32f37c9]
C:\$Recycle.Bin\S-1-5-21-1981365817-1338075218-4232470481-1000\$RWJ7E25.exe (Backdoor.Agent.Generic) -> Delete on reboot. [27df3a0ec610d4626b8f3ea7a161df21]
C:\Windows\RemoveWAT.exe (HackTool.WpaKill) -> No action taken. [40c600489343280eb00aa63213ef946c]
C:\Windows\system\spoolsv.exe (Backdoor.Agent.Generic) -> Delete on reboot. [fd09f15735a18da97b7f994ce1214cb4]
C:\Windows\Resources\spoolsv.exe (Trojan.Agent) -> Delete on reboot. [be487dcbdff7af87ddaac0d41ae6d42c]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

gracias

Hola @marcobh1

Malwarebytes encontró importantes infecciones.

Realiza lo siguiente:

Paso 1: Realiza lo siguiente:

1.- Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

2.- Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Paso 2: Luego de reiniciar:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Gracias , realice segun los pasos , cuando ejecuto ESET online scaner , no puedo realizarlo porque me da: “Error en la descarga de la actualizacion del modulo”. dice: “ESET Online scaner no pudo descargar la actualizacion del módulo. El modulo de su producto se encuentra desactualizado, lo cual puede afectar la detección de nuevos tipos de amenazas. Le recomendamos que compruebe su conexión a Internet o la configuración del servidor proxy, e intente actualizar nuevamente.” ;cabe resaltar que si tengo conexion a internet. y cuando ejecuto Kaspersky Virus Removal Tool sale un mensaje: que no se puede inicializar servicio en ingles: Can´t initialize services.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 27-01-2020
Ejecutado por MARCO (administrador) sobre MARCO-PC (Hewlett-Packard HP Pavilion 15 Notebook PC) (29-01-2020 16:38:15)
Ejecutado desde C:\Users\MARCO\Desktop
Perfiles cargados: MARCO (Perfiles disponibles: MARCO)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 8 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(FlashTECH) [Archivo no firmado] C:\Program Files (x86)\Digital Clock\DigitalClock.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FoxitProxyServer_Socket_PH.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard -> HP) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company) [Archivo no firmado] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Karl Sabo -> AMD) C:\Windows\System32\atieclxx.exe
(Karl Sabo -> AMD) C:\Windows\System32\atiesrxx.exe
(MetaQuotes Software Corp. -> MetaQuotes Software Corp.) C:\Program Files\ICMarkets - MetaTrader 5\terminal64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\AvrcpService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\RtkBleServ.exe
(Solid Documents -> Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VS Revo Group -> VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => c:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [Archivo no firmado]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [218055 2014-06-16] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2014-08-26] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2022855 2013-03-07] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Winlogon: [Shell] C:\Windows\explorer.exe,
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Run: [] => [X]
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {ab8f3470-0919-11e9-879c-acd1b8a31200} - F:\Setup.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {c5023f79-c066-11e8-8dc8-acd1b8a31200} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999}] -> C:\Users\MARCO\AppData\Roaming\mrsys.exe MR
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2020-01-25] (Microsoft Corporation) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-10-15]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (Ningún archivo)
Startup: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Clock.lnk [2020-01-29]
ShortcutTarget: Desktop Clock.lnk -> C:\Program Files (x86)\Digital Clock\DigitalClock.exe (FlashTECH) [Archivo no firmado]
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0BC3304C-69CC-48BE-BFCB-38E90D4DA25E} - \AVGPCTuneUp_Task_BkGndMaintenance -> Ningún archivo <==== ATENCIÓN
Task: {0FC7DCDF-3E8C-4381-9571-0966F6EB337D} - System32\Tasks\{5444AB9F-3606-4102-927B-3E02CAD9ABC5} => C:\Users\MARCO\Downloads\RADEON RESOLUTION MODIFICADOR\RCRM\RCRM.exe
Task: {1125C16C-F877-479A-B8EA-0DF4CBE2EB62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {16314D27-E043-4CAB-AC8D-F08AA4C7F4FD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1981365817-1338075218-4232470481-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {19E06852-49B8-44A5-B867-2406DD1B10B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [124280 2018-08-30] (HP Inc. -> HP Inc.)
Task: {1A02DC0D-D0AC-4C56-A7CC-DAC45A6B86F5} - System32\Tasks\HPCustParticipation HP Ink Tank 310 series => C:\Program Files\HP\HP Ink Tank 310 series\Bin\HPCustPartic.exe [6661256 2018-07-27] (Hewlett Packard -> HP Inc.)
Task: {24AC60FB-2E37-420F-AC28-E8CA289AE6FF} - \Microsoft Office 15 Sync Maintenance for MARCO-PC-MARCO MARCO-PC -> Ningún archivo <==== ATENCIÓN
Task: {29C5AADD-5463-4ADB-A559-FF1A7B886802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {356DA76A-535A-4251-8832-E0BA74807C78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-29] (Google Inc -> Google LLC)
Task: {399AE4FE-8257-4391-ACA2-03D10640CA80} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {44D00F7D-2E99-4416-8743-FD678833029D} - \Driver Booster Scheduler -> Ningún archivo <==== ATENCIÓN
Task: {4503F582-58D9-441F-8B6F-B58B5C498E97} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1432831 2014-05-19] (Hewlett-Packard Development Company, L.P.) [Archivo no firmado]
Task: {541E0C16-05FE-4626-B7C8-2F31B01936A4} - \AviraSystemSpeedupRemoval -> Ningún archivo <==== ATENCIÓN
Task: {54D86A0F-3173-4C67-9F69-C647FA2EC569} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-22] (Adobe Inc. -> Adobe)
Task: {5A249FF2-7A1E-45D8-A051-29384C8FEEF2} - \ASC11_SkipUac_MARCO -> Ningún archivo <==== ATENCIÓN
Task: {5B16BE01-555E-44C8-A41D-E2BB61E85F41} - System32\Tasks\Programa de actualización online de InstallShield Software => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
Task: {68225EDB-9F32-42EA-9C32-44D392418EA9} - System32\Tasks\{1902DC78-9F55-477F-B2DF-5AA15712EB4B} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp71924.exe -d C:\Users\MARCO\Downloads
Task: {6C6869E1-CF8D-48F2-9295-5562B4CF26F1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {6EAEE979-DD32-4458-8824-5943C6147046} - System32\Tasks\{E0C19D5E-5921-41E4-8CEE-E03497043AFB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp68507.exe -d C:\Users\MARCO\Downloads
Task: {739ACFFA-49A5-4C3A-AE6A-FC87FC51C172} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7493090A-3374-432A-84B2-CE1C6CD1BD11} - \SmartGameBooster SkipUAC (MARCO) -> Ningún archivo <==== ATENCIÓN
Task: {76C31621-24B1-4157-9C86-6B51806F76FE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {8E3EB10A-B93E-452C-BEBF-510138AF3B73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {92A35F84-3E19-4560-B738-E33A9BC9FAF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {9BB000DD-3F21-48A0-8FC1-113430BF50B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {A45BA722-7C7B-4576-8BDF-1C94EF3D120F} - System32\Tasks\Baidu LiveUpdate => C:\Program [Argument = Files (x86)\Baidu WiFiHotspot\liveupdate.exe]
Task: {B358FAAC-1722-4DCA-BA67-C4795C1156D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9A97D2A-C9EE-410E-913D-490748EE299E} - System32\Tasks\{A5DB3238-8D23-425C-8170-44BB3A290139} => C:\Users\MARCO\Downloads\RADEON RESOLUTION MODIFICADOR\RCRM\RCRM.exe
Task: {BD5D08DB-4593-4490-810E-7CDF6A6BAC99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {D308E8C2-3AAF-4C55-9D6F-9F38F3D1DEF7} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D9925AF0-C472-41E0-9A1B-356217B20603} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-22] (Adobe Inc. -> Adobe)
Task: {DB779A5E-0E79-4510-8578-1AE9E2C76065} - System32\Tasks\InstallShield Update Service => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
Task: {E21C15FC-1D2F-4F79-AE5D-63C4329C559F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E43D54D0-A735-4C1D-A745-F70D0FED6354} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-29] (Google Inc -> Google LLC)
Task: {F23A42B0-FE9F-43F9-9FFD-CF26D9AF9EA3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA199D7F-101C-4BF3-A398-CB0DC05E155F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1981365817-1338075218-4232470481-1000 => C:\Users\MARCO\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{5C3A32C7-DF1F-4174-B81A-6BA60279BC4B}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{FF5B5A6B-C816-4A64-8F6C-634B737DB908}: [DhcpNameServer] 200.48.225.146 200.48.225.130

Internet Explorer:
==================
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] () [Archivo no firmado]
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) [Archivo no firmado]
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] () [Archivo no firmado]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: text/xml - Sin valor CLSID
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: 84a3zxsw.default
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default [2020-01-21]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release [2020-01-29]
FF Notifications: Mozilla\Firefox\Profiles\i0v2cppl.default-release -> hxxps://forospyware.com
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-21]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-20] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] [Heredado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] [2019-05-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default [2020-01-28]
CHR Extension: (Presentaciones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-29]
CHR Extension: (Documentos) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-29]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-29]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-29]
CHR Extension: (Foxit PDF Creator) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2020-01-21]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-21]
CHR Extension: (Hojas de cálculo) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-29]
CHR Extension: (Avira Navegación segura) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-19]
CHR Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [249344 2016-02-26] (Karl Sabo -> AMD)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Archivo no firmado]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [Archivo no firmado]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1208039 2014-05-19] (Hewlett-Packard Company) [Archivo no firmado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8102192 2019-05-12] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2018-04-19] (Even Balance, Inc. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268368 2019-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [50688 2016-09-20] (Realtek Semiconductor Corporation) [Archivo no firmado]
R2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [262904 2015-03-03] (Solid Documents -> Solid Documents, LLC)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-12-07] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 2776A55A; C:\Windows\system32\drivers\2776A55A.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 3111A584; C:\Windows\system32\drivers\3111A584.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 56977697; C:\Windows\system32\drivers\56977697.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [53760 2017-12-07] (Hewlett-Packard -> HP)
R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [117608 2017-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [23981568 2016-02-26] (Karl Sabo -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [674816 2016-02-26] (Karl Sabo -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237840 2015-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [85704 2015-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2015-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.) [Archivo no firmado]
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.) [Archivo no firmado]
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2017-07-20] () [Archivo no firmado]
R3 BthAudioHF; C:\Windows\System32\drivers\RtkHfp.sys [103168 2015-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [135520 2019-07-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40960 2017-12-07] (Hewlett-Packard -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-18] (Martin Malik - REALiX -> REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531280 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klfltsdk; C:\Windows\System32\DRIVERS\klfltsdk.sys [252544 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [521336 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1107064 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klifsdk; C:\Windows\System32\DRIVERS\klifsdk.sys [1105536 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [212304 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2017-07-20] () [Archivo no firmado]
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [43088 2014-08-14] (Mainline Net Holdings Limited -> NT Kernel Resources)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0116.sys [38088 2018-10-15] (SoftEther Corporation -> SoftEther Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [707072 2009-06-10] (Microsoft Windows -> Ralink Technology, Corp.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [329184 2017-09-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RtkA2dp; C:\Windows\System32\drivers\RtkA2dp.sys [193280 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\Windows\System32\DRIVERS\RtkAvrcp.sys [73712 2015-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [722944 2017-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3127552 2017-07-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [6703944 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2017-04-13] (Razer Inc. -> Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2019-10-12] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Archivo no firmado]
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver_AMDASF.sys [47704 2017-12-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166752 2019-07-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [60640 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [57976 2017-04-06] (Shaul Eizikovich -> Shaul Eizikovich)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (Splitmedialabs Limited -> SplitmediaLabs Limited)
S2 AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Users\MARCO\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATENCIÓN
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U3 iswSvc; no ImagePath
S4 RsFx0153; system32\DRIVERS\RsFx0153.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-29 16:38 - 2020-01-29 16:39 - 000042332 _____ C:\Users\MARCO\Desktop\FRST.txt
2020-01-29 16:38 - 2020-01-29 16:39 - 000000000 ____D C:\FRST
2020-01-29 16:36 - 2020-01-29 16:37 - 002581504 _____ (Farbar) C:\Users\MARCO\Desktop\FRST64.exe
2020-01-29 16:29 - 2020-01-29 16:32 - 180843448 _____ (AO Kaspersky Lab) C:\Users\MARCO\Desktop\KVRT(1).exe
2020-01-29 16:21 - 2020-01-29 16:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\ESET
2020-01-29 16:20 - 2020-01-29 16:20 - 008166712 _____ (ESET spol. s r.o.) C:\Users\MARCO\Desktop\ESETOnlineScanner_ESL.exe
2020-01-29 12:38 - 2020-01-29 12:38 - 000000000 ____D C:\ProgramData\PC Faster
2020-01-29 12:37 - 2020-01-29 12:37 - 000000000 ____D C:\Users\Public\Documents\PC Faster
2020-01-29 12:37 - 2020-01-29 12:37 - 000000000 ____D C:\ProgramData\Documents\PC Faster
2020-01-29 09:25 - 2020-01-29 09:25 - 000002409 _____ C:\Users\MARCO\Desktop\ZHPCleaner (R).txt
2020-01-29 08:34 - 2020-01-29 08:34 - 000002237 _____ C:\Users\MARCO\Desktop\ZHPCleaner (S).txt
2020-01-28 23:23 - 2020-01-28 23:23 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\WinRAR
2020-01-28 23:18 - 2020-01-28 23:48 - 000000000 ____D C:\Users\MARCO\Downloads\rootear g955f
2020-01-28 22:26 - 2020-01-28 23:19 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\56977697.sys
2020-01-28 22:13 - 2020-01-28 22:25 - 001036736 _____ () C:\Users\MARCO\Downloads\OneClickRoot.exe
2020-01-28 14:05 - 2020-01-28 23:19 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-01-28 14:05 - 2020-01-28 14:05 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\22C48647.sys
2020-01-28 13:57 - 2020-01-28 23:10 - 000004992 _____ C:\Users\MARCO\Desktop\mb-clean-results.txt
2020-01-28 13:56 - 2020-01-28 13:56 - 000858912 _____ (Malwarebytes) C:\Users\MARCO\Desktop\mb-clean-3.1.0.1035.exe
2020-01-28 13:49 - 2020-01-28 13:51 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3111A584.sys
2020-01-28 13:40 - 2020-01-28 13:40 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\D47B913F.sys
2020-01-28 13:38 - 2020-01-28 13:39 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\2776A55A.sys
2020-01-28 12:01 - 2020-01-28 12:01 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\437221E7.sys
2020-01-28 11:37 - 2020-01-28 11:38 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml
2020-01-28 11:37 - 2019-11-19 15:21 - 001107064 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000531280 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kl1.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000521336 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klgse.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000147680 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2020-01-28 11:13 - 2020-01-28 11:13 - 003307744 _____ (Alexander Roshal) C:\Users\MARCO\Downloads\winrar-x64-580es.exe
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\Program Files\WinRAR
2020-01-28 10:55 - 2020-01-28 10:55 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1341168F.sys
2020-01-28 10:23 - 2020-01-28 23:19 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-01-28 10:23 - 2020-01-28 10:23 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\52279262.sys
2020-01-28 10:15 - 2020-01-28 13:36 - 000000000 ____D C:\Users\MARCO\Desktop\mbar
2020-01-28 10:14 - 2020-01-28 10:15 - 014178840 _____ (Malwarebytes Corp.) C:\Users\MARCO\Downloads\mbar-1.10.3.1001.exe
2020-01-28 08:37 - 2020-01-28 08:37 - 005950728 _____ (Check Point Software Technologies Ltd.) C:\Users\MARCO\Downloads\zaSetupWeb_158_023_18219.exe
2020-01-28 08:22 - 2020-01-28 08:22 - 003410247 _____ (Nicolas Coolman) C:\Users\MARCO\ZHPCleaner.exe
2020-01-26 23:53 - 2020-01-27 10:24 - 003001324 _____ C:\Users\MARCO\Downloads\Chame(www.elandroidhd.com).apk
2020-01-26 23:10 - 2020-01-26 23:10 - 000001307 _____ C:\Users\Public\Desktop\Samsung Tool PRO.lnk
2020-01-26 23:10 - 2020-01-26 23:10 - 000001307 _____ C:\ProgramData\Desktop\Samsung Tool PRO.lnk
2020-01-26 23:09 - 2020-01-28 08:51 - 000003390 _____ C:\Users\MARCO\AppData\Local\icsys.icn
2020-01-26 22:44 - 2020-01-26 22:49 - 000000000 ____D C:\Users\MARCO\Documents\Android_MTK
2020-01-23 15:38 - 2020-01-23 15:38 - 000073004 _____ C:\Users\MARCO\Downloads\WT_SR-Redondos_v1.4.ex5
2020-01-22 08:31 - 2020-01-26 22:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 23:16 - 2020-01-29 09:25 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ZHP
2020-01-21 23:16 - 2020-01-28 08:22 - 000000641 _____ C:\Users\MARCO\Desktop\ZHPCleaner.lnk
2020-01-21 23:16 - 2020-01-21 23:16 - 000000000 ____D C:\Users\MARCO\AppData\Local\ZHP
2020-01-21 21:53 - 2020-01-25 22:04 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2020-01-21 21:53 - 2020-01-21 21:53 - 000001095 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2020-01-21 21:53 - 2020-01-21 21:53 - 000001095 _____ C:\ProgramData\Desktop\SpywareBlaster.lnk
2020-01-21 21:53 - 2020-01-21 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2020-01-21 21:53 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2020-01-21 21:53 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2020-01-21 21:42 - 2020-01-21 21:44 - 004291320 _____ (BrightFort LLC ) C:\Users\MARCO\Downloads\spywareblastersetup55.exe
2020-01-21 21:17 - 2020-01-21 21:17 - 008237744 _____ (Malwarebytes) C:\Users\MARCO\Downloads\adwcleaner_8.0.1.exe
2020-01-21 08:56 - 2020-01-21 08:56 - 000000000 ____D C:\Users\Public\Foxit Software
2020-01-21 08:56 - 2020-01-21 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2020-01-21 08:55 - 2020-01-21 08:55 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2020-01-20 23:03 - 2018-04-02 10:41 - 000057924 _____ C:\Windows\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2018-04-02 10:41 - 000049424 _____ C:\Windows\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2018-04-02 10:41 - 000044660 _____ C:\Windows\system32\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2016-09-20 19:00 - 000001156 _____ C:\Windows\PidVid_List.dll
2020-01-20 22:54 - 2020-01-20 22:56 - 009821336 _____ (HP Inc.) C:\Users\MARCO\Downloads\sp67743.exe
2020-01-20 22:14 - 2020-01-20 22:14 - 000000171 _____ C:\Users\MARCO\Downloads\Activation KEY para activar avast driver update.rar
2020-01-20 12:49 - 2020-01-20 12:49 - 000005572 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_12.49.28_log.txt
2020-01-20 11:51 - 2015-09-14 13:03 - 000039672 _____ C:\Windows\system32\Drivers\DasPtct.SYS
2020-01-20 11:51 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-01-20 11:50 - 2020-01-20 11:50 - 038191600 _____ (Panda Security ) C:\Users\MARCO\Downloads\PandaCloudCleaner.exe
2020-01-20 11:43 - 2020-01-20 11:43 - 000230080 _____ (AVAST Software) C:\Users\MARCO\Downloads\avast_premium_security_setup_online.exe
2020-01-20 11:34 - 2020-01-20 11:34 - 000281376 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\25779457.sys
2020-01-20 11:34 - 2020-01-20 11:34 - 000000000 ____D C:\TDSSKiller_Quarantine
2020-01-20 11:30 - 2020-01-20 11:34 - 000765900 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_11.30.12_log.txt
2020-01-20 10:52 - 2020-01-20 10:52 - 000001919 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T-UnLock.lnk
2020-01-20 10:52 - 2020-01-20 10:52 - 000001913 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\T-UnLock.lnk
2020-01-20 10:37 - 2020-01-26 23:09 - 000000000 ____D C:\Program Files (x86)\Z3X
2020-01-20 10:02 - 2020-01-20 10:02 - 000228907 _____ C:\Users\MARCO\Downloads\Advanced_IMEI_Generator_v1.00.zip
2020-01-20 01:22 - 2020-01-20 01:23 - 002482948 _____ C:\Users\MARCO\Downloads\PhoneCopier_4_2_1_26507.apk
2020-01-20 01:20 - 2020-01-20 01:25 - 038590136 _____ (COMPELSON Laboratories ) C:\Users\MARCO\Downloads\setup_ME_PHONEMANAGER_10_2_0_26539.exe
2020-01-20 00:40 - 2018-01-12 13:55 - 000006505 _____ C:\Users\MARCO\Downloads\Miracle Box 2.54 keygen License.txt
2020-01-19 22:09 - 2020-01-19 22:10 - 050806689 _____ C:\Users\MARCO\Downloads\CF-Auto-Root-dream2qltesq-dream2qltesq-smg955u.zip
2020-01-19 21:46 - 2019-07-10 00:08 - 000166752 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2020-01-19 21:46 - 2019-07-10 00:08 - 000135520 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2020-01-19 17:20 - 2020-01-19 17:20 - 000111200 _____ C:\Users\MARCO\Downloads\fix.pdf
2020-01-19 17:18 - 2020-01-20 11:24 - 000000000 ____D C:\KVRT_Data
2020-01-19 16:31 - 2020-01-19 17:09 - 180602296 _____ (AO Kaspersky Lab) C:\Users\MARCO\Downloads\KVRT.exe
2020-01-19 16:26 - 2020-01-19 16:26 - 002818392 _____ (Kaspersky) C:\Users\MARCO\Downloads\kts20.0.14.1085abces_19506.exe
2020-01-19 16:09 - 2020-01-19 16:09 - 000000000 ____D C:\ProgramData\ProductData
2020-01-19 16:05 - 2020-01-19 16:05 - 000000000 ____D C:\Users\MARCO\Documents\AirDroid
2020-01-18 21:13 - 2020-01-26 22:20 - 000000000 ____D C:\Users\MARCO\Downloads\NUEVO ROOT GALAXY SM G955U OJALAAA
2020-01-18 16:13 - 2020-01-20 08:47 - 000000000 ____D C:\Users\MARCO\Downloads\PARA CAMBIAR imei
2020-01-18 15:54 - 2020-01-20 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2020-01-18 14:20 - 2020-01-18 14:25 - 056148035 _____ (z3x-team ) C:\Users\MARCO\Downloads\SamsungToolPRO_30.5.exe
2020-01-18 10:21 - 2020-01-18 10:21 - 000000000 _____ C:\Windows\system32\last.dump
2020-01-18 10:10 - 2020-01-18 10:10 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-01-18 10:09 - 2020-01-25 19:22 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-01-18 10:05 - 2020-01-18 10:09 - 000000000 ____D C:\Samsung tool
2020-01-18 09:47 - 2020-01-18 09:49 - 036893384 _____ (Samsung Electronics Co., Ltd.) C:\Users\MARCO\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2020-01-17 12:21 - 2020-01-17 12:21 - 040486560 _____ (Samsung Electronics) C:\Users\MARCO\Downloads\SmartSwitch.exe
2020-01-14 14:17 - 2020-01-14 14:17 - 004371756 _____ C:\Users\MARCO\Downloads\SM-G950F SCHEMATICS HALABTECH.rar
2020-01-14 08:37 - 2020-01-14 08:37 - 000903580 _____ C:\Users\MARCO\Downloads\6-Texto del artículo-41-1-10-20171128.pdf
2020-01-14 08:32 - 2020-01-14 08:32 - 000751558 _____ C:\Users\MARCO\Downloads\Dialnet-ModeloPsicobiologicoDePersonalidadDeEysenck-6161336.pdf
2020-01-13 12:18 - 2020-01-13 16:38 - 000383098 _____ C:\Users\MARCO\Downloads\TEST_BARSIT.xlsx
2020-01-13 12:14 - 2020-01-13 12:14 - 000103936 _____ C:\Users\MARCO\Downloads\Hoja-de-calculo-TIP-3vf.xls
2020-01-10 12:07 - 2020-01-10 12:07 - 010671165 _____ C:\Users\MARCO\Downloads\Gerber, M. (2005). El mito del emprendedor. Paidós. ISBN 968-853-630-X.pdf
2020-01-08 21:47 - 2020-01-08 21:47 - 001307792 _____ (Plarium) C:\Users\MARCO\Downloads\RaidSetup.exe
2020-01-04 22:45 - 2020-01-04 22:46 - 009102410 _____ C:\Users\MARCO\Downloads\SM-G955U SCHEMATICS HALABTECH.rar
2020-01-04 22:24 - 2020-01-04 22:24 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Google
2020-01-04 16:16 - 2020-01-04 16:16 - 000001071 _____ C:\Users\Public\Desktop\Dragon Age Origins - Ultimate Edition.lnk
2020-01-04 16:16 - 2020-01-04 16:16 - 000001071 _____ C:\ProgramData\Desktop\Dragon Age Origins - Ultimate Edition.lnk
2020-01-04 16:16 - 2020-01-04 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins - Ultimate Edition
2020-01-04 11:06 - 2020-01-04 11:06 - 002466345 _____ C:\Users\MARCO\Downloads\lm80-p0598-4_b_pmm8920_pwr_mgt_mod_device_spec.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-29 09:25 - 2017-07-18 23:16 - 000000000 ____D C:\Users\MARCO\AppData\LocalLow\Mozilla
2020-01-29 08:27 - 2009-07-13 23:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-29 08:27 - 2009-07-13 23:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-29 08:17 - 2010-11-21 02:09 - 000880388 _____ C:\Windows\system32\perfh00A.dat
2020-01-29 08:17 - 2010-11-21 02:09 - 000209410 _____ C:\Windows\system32\perfc00A.dat
2020-01-29 08:17 - 2009-07-14 00:13 - 002049964 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-29 08:17 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2020-01-29 08:13 - 2018-05-05 21:39 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashDumps
2020-01-29 08:13 - 2018-03-20 22:40 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-01-29 08:12 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-29 00:33 - 2017-07-18 19:52 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-01-28 23:23 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-28 23:19 - 2017-09-21 21:39 - 000000000 ____D C:\Windows\pss
2020-01-28 13:35 - 2017-07-18 23:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-01-28 12:44 - 2018-10-10 22:32 - 000000000 ____D C:\ProgramData\PCGameBoost
2020-01-28 10:52 - 2017-07-18 18:22 - 000000000 ____D C:\Users\MARCO
2020-01-28 10:52 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system
2020-01-28 09:59 - 2017-12-12 23:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-01-25 19:54 - 2018-05-29 10:08 - 000000000 ____D C:\ProgramData\Temp
2020-01-25 19:25 - 2018-10-16 14:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\Battle.net
2020-01-25 19:22 - 2019-07-29 10:28 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-25 19:22 - 2019-07-29 10:28 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-25 19:22 - 2019-04-09 18:59 - 000004450 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-25 19:22 - 2018-11-16 19:42 - 000003560 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Ink Tank 310 series
2020-01-25 19:22 - 2018-10-20 22:05 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-25 19:22 - 2018-10-06 22:56 - 000003724 _____ C:\Windows\system32\Tasks\InstallShield Update Service
2020-01-25 19:22 - 2018-09-27 15:02 - 000003184 _____ C:\Windows\system32\Tasks\Baidu LiveUpdate
2020-01-25 19:22 - 2018-04-24 14:25 - 000004230 _____ C:\Windows\system32\Tasks\AMD Updater
2020-01-25 19:22 - 2018-04-10 15:43 - 000003122 _____ C:\Windows\system32\Tasks\{1902DC78-9F55-477F-B2DF-5AA15712EB4B}
2020-01-25 19:22 - 2018-03-17 18:16 - 000003818 _____ C:\Windows\system32\Tasks\Programa de actualización online de InstallShield Software
2020-01-25 19:22 - 2018-03-10 21:44 - 000003002 _____ C:\Windows\system32\Tasks\{5444AB9F-3606-4102-927B-3E02CAD9ABC5}
2020-01-25 19:22 - 2018-03-10 21:40 - 000003002 _____ C:\Windows\system32\Tasks\{A5DB3238-8D23-425C-8170-44BB3A290139}
2020-01-25 19:22 - 2018-01-14 01:18 - 000003122 _____ C:\Windows\system32\Tasks\{E0C19D5E-5921-41E4-8CEE-E03497043AFB}
2020-01-24 16:32 - 2017-07-27 19:54 - 000000000 ____D C:\Users\MARCO\AppData\Local\JDownloader v2.0
2020-01-24 13:30 - 2018-07-10 16:50 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\vlc
2020-01-23 19:04 - 2019-07-23 11:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-23 15:38 - 2019-10-04 00:09 - 000000000 ____D C:\Users\MARCO\Desktop\Mis Indicadores y componentes de mi sistema de Trading
2020-01-22 08:59 - 2017-07-19 00:34 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-22 08:59 - 2017-07-19 00:34 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-22 08:59 - 2017-07-19 00:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-01-22 08:59 - 2017-07-19 00:33 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-21 21:57 - 2017-07-20 17:26 - 000041774 __RSH C:\ProgramData\ntuser.pol
2020-01-21 21:32 - 2018-05-15 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-01-21 21:32 - 2018-05-15 16:58 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Samsung
2020-01-21 21:32 - 2018-05-15 16:57 - 000000000 ____D C:\Program Files (x86)\Samsung
2020-01-21 08:57 - 2017-07-19 00:44 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-21 08:56 - 2017-09-01 14:13 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Foxit Software
2020-01-20 23:03 - 2017-07-18 21:50 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-01-20 23:02 - 2018-01-14 00:59 - 000000000 ____D C:\ProgramData\Realtek
2020-01-20 23:01 - 2017-07-18 19:45 - 000000000 ____D C:\SWSETUP
2020-01-20 22:59 - 2017-07-18 22:48 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\hpqLog
2020-01-20 21:31 - 2018-12-11 14:53 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Notepad++
2020-01-20 21:31 - 2018-12-11 14:53 - 000000000 ____D C:\Program Files\Notepad++
2020-01-20 21:30 - 2018-10-09 14:27 - 000000000 ____D C:\Users\MARCO\AppData\Local\Jagex
2020-01-20 21:30 - 2018-10-09 14:27 - 000000000 ____D C:\ProgramData\Jagex
2020-01-20 12:58 - 2019-08-05 22:57 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-20 12:58 - 2019-08-05 22:57 - 000000871 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-20 12:24 - 2018-10-23 00:17 - 000000000 ____D C:\Users\MARCO\AppData\Local\MEGAsync
2020-01-20 12:24 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Resources
2020-01-19 16:40 - 2018-05-10 22:14 - 000000000 ____D C:\ProgramData\Epic
2020-01-19 16:27 - 2018-05-04 16:45 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-01-19 16:00 - 2019-07-23 11:15 - 000001916 _____ C:\Users\MARCO\Desktop\JRT.txt
2020-01-19 14:40 - 2017-07-22 23:18 - 000000000 ____D C:\Users\MARCO\AppData\Local\ElevatedDiagnostics
2020-01-18 10:41 - 2017-07-18 22:27 - 000119240 _____ C:\Users\MARCO\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-18 10:40 - 2018-03-17 16:35 - 000000000 ____D C:\Users\MARCO\AppData\Local\Avg
2020-01-18 10:40 - 2018-03-08 00:40 - 000000000 ____D C:\ProgramData\Avg
2020-01-18 10:33 - 2009-07-13 23:45 - 000460232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 09:57 - 2018-05-15 16:58 - 000000000 ____D C:\ProgramData\Samsung
2020-01-17 12:24 - 2018-05-15 17:01 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2020-01-17 12:24 - 2018-05-15 17:01 - 000000000 ____D C:\ProgramData\Documents\NativeFus_Log
2020-01-17 11:56 - 2018-11-13 09:37 - 000000000 ____D C:\Users\MARCO\Desktop\hard disk sentinel
2020-01-16 08:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-14 21:24 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-14 08:36 - 2018-10-09 12:49 - 000000000 ____D C:\Users\MARCO\AppData\Local\Deployment
2020-01-12 09:57 - 2018-02-24 13:09 - 000000039 _____ C:\Windows\Model.txt
2020-01-09 23:53 - 2019-07-29 10:29 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-04 18:38 - 2017-07-19 23:23 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-01-04 16:16 - 2018-03-24 16:30 - 000000000 ____D C:\Users\MARCO\Documents\BioWare
2020-01-03 15:07 - 2019-12-11 21:49 - 000000353 _____ C:\Users\MARCO\Desktop\claves l latino.txt
2020-01-01 09:36 - 2018-10-09 21:54 - 000000000 ____D C:\ProgramData\install_clap
2020-01-01 09:36 - 2018-05-29 10:14 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\CyberLink
2020-01-01 09:36 - 2017-12-28 18:14 - 000000000 ____D C:\ProgramData\CyberLink
2020-01-01 09:34 - 2018-04-10 15:43 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2020-01-01 09:34 - 2017-07-18 21:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-01 09:33 - 2018-05-29 10:14 - 000000000 ____D C:\Users\MARCO\Documents\CyberLink
2020-01-01 09:33 - 2018-05-29 10:12 - 000000000 ____D C:\Users\MARCO\AppData\Local\CyberLink

==================== Archivos en la raíz de algunos directorios ========

2020-01-28 08:22 - 2020-01-28 08:22 - 003410247 _____ (Nicolas Coolman) C:\Users\MARCO\ZHPCleaner.exe
2018-10-23 17:02 - 2014-08-12 15:18 - 000001884 _____ () C:\Program Files (x86)\README.txt
2018-01-14 01:00 - 2020-01-29 13:26 - 024926077 _____ () C:\Users\MARCO\AppData\Local\BTServer.log
2018-05-29 10:05 - 2018-05-29 10:05 - 000003584 _____ () C:\Users\MARCO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-08 12:51 - 2018-08-31 00:04 - 001065984 _____ () C:\Users\MARCO\AppData\Local\file__0.localstorage
2020-01-26 23:09 - 2020-01-28 08:51 - 000003390 _____ () C:\Users\MARCO\AppData\Local\icsys.icn
2017-07-19 17:35 - 2019-03-28 18:05 - 000007608 _____ () C:\Users\MARCO\AppData\Local\Resmon.ResmonCfg
2019-11-07 09:16 - 2019-11-07 09:16 - 000000000 _____ () C:\Users\MARCO\AppData\Local\{42CAF5D7-1C3C-4DEE-9EE7-6D3801F206BC}

==================== FCheck ================================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

FCheck: C:\Windows\SNVerifyDLL.dll [2005-01-18] <==== ATENCIÓN (cero bytes Archivo/Carpeta)

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-01-28 13:15
==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 27-01-2020
Ejecutado por MARCO (29-01-2020 16:40:14)
Ejecutado desde C:\Users\MARCO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-07-18 23:22:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1981365817-1338075218-4232470481-500 - Administrator - Disabled)
Invitado (S-1-5-21-1981365817-1338075218-4232470481-501 - Limited - Disabled)
MARCO (S-1-5-21-1981365817-1338075218-4232470481-1000 - Administrator - Enabled) => C:\Users\MARCO

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{5A613379-D3AA-43B9-A82B-EE47703FC2D7}) (Version: 4.3.2.0703 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Aqua Garden Deluxe (HKLM-x32\...\{DC5CB799-5324-4DEA-8014-50D5CCABF547}) (Version: 1.01 - Formosoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.45.10 - Bethesda Softworks)
Brother MFL-Pro Suite DCP-T700W (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Cashflow 101 + 202 lite v.1.2 (HKLM-x32\...\{6F652078-1622-48B7-911C-0929E0D6B636}_is1) (Version:  - CFGAME.RU)
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Cronómetro (HKLM-x32\...\{9A15B08E-D2AF-45E5-9479-B539DEE57E60}) (Version: 1.0.1 - Rickypauel)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Digital Clock 1.0 (HKLM-x32\...\Digital Clock) (Version: 1.0 - FlashTECH)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age Origins - Ultimate Edition versión 1.05 (HKLM-x32\...\Dragon Age Origins - Ultimate Edition_is1) (Version: 1.05 - Bioware)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Electrum) (Version: 3.3.7 - Electrum Technologies GmbH)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Estudio para la mejora del producto HP Ink Tank 310 series (HKLM\...\{DAD2E186-2A3A-4A03-B77F-D912AD76B476}) (Version: 45.3.2597.18208 - HP Inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{33c353c9-5748-4e71-b8d4-c38ef6cc82f3}) (Version: 9.6.0.25114 - Foxit Software Inc.)
Foxit PhantomPDF (HKLM-x32\...\{8B8EA992-9CEA-11E9-A74D-54BF64A63C26}) (Version: 9.6.0.25114 - Foxit Software Inc.) Hidden
Fritz 15 64-bit (HKLM\...\{E055F983-1A0C-4A1B-84BE-A0E5F03F279C}) (Version: 15.3.0.0 - ChessBase)
FxPro cTrader (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\9f1e138e05e3e925) (Version: 3.6.65534.35688 - FxPro cTrader)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Dropbox Plugin (HKLM-x32\...\{E33A1540-AF13-4F30-BEB5-3F4CD72AC7F9}) (Version: 36.0.175.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{CF4D7C86-DBA1-458D-990F-987A386091C8}) (Version: 43.0.175.0 - HP)
HP FTP Plugin (HKLM-x32\...\{B9FFA818-A8AE-406E-80EF-85A54A1C9F83}) (Version: 43.0.175.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{78CD6FCC-A6E9-4DCB-B137-FD691DB15CC6}) (Version: 36.0.175.0 - HP)
HP Ink Tank 310 series Ayuda (HKLM-x32\...\{8032AA89-A328-4B09-9BF6-8A7EE1F9DB37}) (Version: 44.0.0 - HP)
HP Ink Tank 310 series Software básico del dispositivo (HKLM\...\{D9C16FBB-0D18-4F86-92FF-C2F68E0EB2C7}) (Version: 45.3.2597.18208 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{C79809ED-0E3D-43E9-9F45-FA43DFA1EFFD}) (Version: 36.0.175.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{6E9B2B7C-1701-4DD3-80F7-B45ECA565DF9}) (Version: 43.0.175.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{41871A92-7684-456F-8BE2-AB570C641AEC}) (Version: 43.0.175.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{B2630333-677F-4F40-9625-7F76CFB02EA1}) (Version: 12.9.24.3 - HP Inc.)
IC Markets cTrader (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\adc49d1d01a64dad) (Version: 3.6.65534.35709 - IC Markets cTrader)
ICMarkets - MetaTrader 5 (HKLM\...\ICMarkets - MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Java(TM) SE Development Kit 11.0.1 (64-bit) (HKLM\...\{F4039C0F-E4C1-5905-9E7D-DDA8EDE365BC}) (Version: 11.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
L2 Latino  v19.7 (HKLM-x32\...\L2 Latino ) (Version: v19.7 - L2Latino)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MetaTrader - EXNESS (HKLM-x32\...\MetaTrader - EXNESS) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - FXOpen (HKLM-x32\...\MetaTrader - FXOpen) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - ESN (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - ESN) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{7186392a-1a98-4844-a7a9-613401ff3f2c}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{eabee2ac-b1d9-4a98-8e85-bc5a8ebb6e95}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 72.0.2 (x64 es-ES)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
MSI Afterburner 4.6.0 Beta 9 (HKLM-x32\...\Afterburner) (Version: 4.6.0 Beta 9 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.70.7 - Black Tree Gaming)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Nombre de su organización)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Advanced Micro Devices, Inc. (amdkmdap) Display  (12/06/2017 23.20.15002.11) (HKLM\...\AB86C4507336F53FACE8C9D5B08A13E242C5FFA9) (Version: 12/06/2017 23.20.15002.11 - Advanced Micro Devices, Inc.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
Pointofix (HKLM-x32\...\Pointofix_is1) (Version:  - Amerigomedia)
Questpaket 4 Update 2 Deinstallation (HKLM-x32\...\G3QP231012008_is1) (Version: 4.2.0.0 - Humanforce)
RapiCapWin 2.0.2 (HKLM-x32\...\RapiCapWin_is1) (Version: 2.0.2 - RapiCapWin.com)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.29093 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
RoboForex - MetaTrader 4 (HKLM-x32\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Samsung Tool PRO 29.5 (HKLM-x32\...\44676886-FD7F-4C53-B188-BC86EED9BBC1_is1) (Version:  - z3x-team)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.11.0 - Samsung Electronics Co., Ltd.)
SERA - El CD 2.0 (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\SERA - El CD) (Version: 2.0 - Sera GmbH)
Solid Converter v9 (HKLM-x32\...\{14CFE370-0717-44B9-BD78-88C59D91A749}_is1) (Version: 9.1.6079.1056 - Solid Documents)
Solid PDF Creator (HKLM-x32\...\{DFE70CCC-0ACB-45B7-94F4-9DC6F01B7928}_is1) (Version: 9.1.2804.1 - Solid Documents)
SolidWordAddIn (HKLM-x32\...\{ddad9751-a580-432a-a4c2-893b44e4b0ba}_is1) (Version: 9.1.6079.1056 - Solid Documents)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{0F8CCE41-B6D0-43BB-BDBA-B8DF073216DB}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{AF688AD8-21D3-4B17-9775-9955B1135DEC}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{DE620959-4E84-4FA7-97BE-A6D4048016A2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{C767CCB8-3FE7-4FA3-A01D-EFDFB5C4D1B5}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop versión 1.8.8 (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.8 - Telegram FZ-LLC)
The Elder Scrolls III: Morrowind Game of the Year Edition (HKLM-x32\...\The Elder Scrolls III: Morrowind Game of the Year Edition) (Version:  - Bethesda Softworks)
The Witcher 2 Assassins of Kings - Enhanced Edition (HKLM-x32\...\The Witcher 2 Assassins of Kings - Enhanced Edition_is1) (Version:  - )
Tom Clancys Splinter Cell Blacklist Complete MULTi14 - ElAmigos versión 1.03 (HKLM-x32\...\{D2E6B774-D720-4469-8315-37C1D75DD918}_is1) (Version: 1.03 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
vJoy Device Driver 2.1.8.38 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.8.38 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WarCraft III Complete Edition MULTi6 - ElAmigos versión 1.27b (HKLM-x32\...\{E8FA15F8-415B-43E1-A04E-A27D6734E624}_is1) (Version: 1.27b - Blizzard Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
ZoneAlarm Antivirus (HKLM-x32\...\{61CE6095-350F-4EE7-AAE9-50FC9FFBBB90}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ningún archivo
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ningún archivo

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://skupkav.ru/?utm_source=startlink03&utm_content=0bfd739aabc09f087131cb2df69fbefa&utm_term=CA22F2BBBE8DCDEC22046C966D20F70C&utm_d=20180106"

==================== Módulos cargados (Lista blanca) =============

2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () [Archivo no firmado] C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll
2018-03-21 00:15 - 2015-04-21 05:29 - 000143360 ____R () [Archivo no firmado] C:\Windows\system32\BrSNMP64.dll
2020-01-20 22:42 - 2020-01-20 22:39 - 000145863 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2016-02-26 15:29 - 2016-02-26 15:29 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2018-03-20 22:40 - 2014-06-16 15:45 - 000216007 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 000083968 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 017955328 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 000165831 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll
2018-03-21 00:15 - 2015-04-21 05:29 - 000087040 ____R (Brother Industries, Ltd.) [Archivo no firmado] C:\Windows\system32\BrNetSti.dll
2019-07-01 22:08 - 2019-07-01 22:08 - 000769991 _____ (Foxit) [Archivo no firmado] C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\Plugins\phc.dll
2018-04-18 11:28 - 2018-01-11 11:23 - 001098183 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000003584 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\api-ms-win-core-winrt-l1-1-0.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000004096 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\api-ms-win-core-winrt-string-l1-1-0.dll
2009-08-18 11:24 - 2009-08-18 11:24 - 000167424 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2020-01-25 19:49 - 2020-01-25 19:49 - 000069337 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\System\symsrv.dll
2018-01-14 01:00 - 2016-12-27 16:11 - 000072192 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\gatt_api.dll
2018-01-14 01:00 - 2016-12-23 13:34 - 000059392 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\GattExport.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000266752 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LeDll.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000049664 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000029696 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000037376 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000030208 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000459776 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000236544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000275456 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 16:17 - 2015-06-25 16:17 - 000023552 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000022528 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000351744 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000021504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 16:21 - 2015-06-25 16:21 - 000374784 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 16:14 - 2015-06-25 16:14 - 001212416 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 11:58 - 2015-07-02 11:58 - 005496320 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 005804544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 16:00 - 2015-06-25 16:00 - 001061376 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 16:23 - 2015-06-25 16:23 - 003187712 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 16:28 - 2015-06-25 16:28 - 002924544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 16:16 - 2015-06-25 16:16 - 000310784 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 16:08 - 2015-06-25 16:08 - 005444608 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 000277504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 15:59 - 2015-06-25 15:59 - 000193024 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Public\AppData:CSM [434]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56977697 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56977697 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1001movie.com -> 1001movie.com

Hay 6091 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-06 12:41 - 2020-01-21 21:32 - 000000852 _____ C:\Windows\system32\drivers\etc\hosts

2018-09-26 14:47 - 2018-09-27 15:02 - 000000437 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\adb;C:\Program Files (x86)\HP\Common\HPDestPlgIn\
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 190.113.220.18 - 190.113.220.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AVG Antivirus => 2
MSCONFIG\Services: avgbIDSAgent => 3

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{BED5FE45-5850-476C-A761-E795D1316A92}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A88DC9EF-F477-4BC9-B35C-A1E6E4AC38F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Puntos de Restauración =========================

29-01-2020 13:13:23 Punto de control programado

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ADB Interface
Description: ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: HMD Global
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Android Composite ADB Interface
Description: Android Composite ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/29/2020 12:59:54 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/29/2020 08:13:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: CoolSense.exe, versión: 2.2.0.41, marca de tiempo: 0x5369cc12
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.24094, marca de tiempo: 0x5abedfcd
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00063289
Id. del proceso con errores: 0x11d0
Hora de inicio de la aplicación con errores: 0x01d5d6a5e3db0a2c
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: 23e350cc-4299-11ea-aebe-acd1b8a31200

Error: (01/29/2020 08:13:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\MetaTrader - FXOpen\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/29/2020 08:13:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\MetaTrader 4 IC Markets\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/29/2020 08:13:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/29/2020 08:13:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\RoboForex - MetaTrader 4\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/29/2020 08:13:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (01/28/2020 11:21:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Spotify.exe, versión: 1.1.4.197, marca de tiempo: 0x5ca28f89
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24094, marca de tiempo: 0x5abee073
Código de excepción: 0xc06d007e
Desplazamiento de errores: 0x0000c54f
Id. del proceso con errores: 0xf6c
Hora de inicio de la aplicación con errores: 0x01d5d65b84be02e0
Ruta de acceso de la aplicación con errores: C:\Users\MARCO\AppData\Roaming\Spotify\Spotify.exe
Ruta de acceso del módulo con errores: C:\Windows\syswow64\KERNELBASE.dll
Id. del informe: cf797594-424e-11ea-bd29-acd1b8a31200


Errores del sistema:
=============
Error: (01/29/2020 04:39:44 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:34:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:29:24 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:24:14 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:22:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:16:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:11:43 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.

Error: (01/29/2020 04:06:33 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: No se pudo registrar el nombre "WORKGROUP      :1d" en la interfaz con dirección IP 192.168.0.2.
El equipo la con dirección IP 192.168.0.37 no admite el nombre reclamado por este equipo.


Windows Defender:
===================================
Date: 2018-05-06 02:00:18.543
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica:Con acceso
Código de error:0x80501002
Descripción de error:El programa no encuentra archivos de definición que le ayuden a detectar el software no deseado. Busque actualizaciones para los archivos de definición e inténtelo de nuevo. Para obtener información para instalar actualizaciones, consulte Ayuda y soporte técnico. 
Motivo:La supervisión en tiempo real dejó de funcionar por motivos desconocidos. Reinicie el servicio para recuperarla.

CodeIntegrity:
===================================

Date: 2020-01-29 08:12:30.844
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-29 08:12:30.794
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-29 08:12:30.664
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-29 08:12:30.634
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-28 23:20:50.938
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-28 23:20:50.888
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-28 23:20:50.758
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-28 23:20:50.718
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F.44 09/20/2016
Placa base: Hewlett-Packard 808C
Procesador: AMD A10-4655M APU with Radeon(tm) HD Graphics 
Porcentaje de memoria en uso: 42%
RAM física total: 15556.64 MB
RAM física disponible: 8942.73 MB
Virtual total: 40120.81 MB
Virtual disponible: 32897.22 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:150.19 GB) (Free:10.76 GB) NTFS
Drive d: () (Fixed) (Total:781.22 GB) (Free:57.56 GB) NTFS

\\?\Volume{8ac0b762-668e-11e7-9765-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EE158A60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781.2 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola @marcobh1

Tu equipo aun sigue muy infectado esto fue debido a haber desactivado tu AV para ejecutar software malicioso, pero ademas de ello al instalar y desinstalar tantos antivirus de forma incorrecta tienes restos activos de todos ellos y como frutilla del postre intentaste forzar la instalación de Malwarebytes con Kaspersky AV que están siendo incompatibles si no son agregados ambos en las excepciones.

Así que por favor no instales nada que no te indique y realiza al pie de la letra y respetando el orden los pasos que te dejo.


Paso 1: Ejecuta el archivo mb-clean-3.1.0.1035.exe que aun tienes ubicado en tu escritorio para desinstalar Malwarebytes.

  • Te dará un reporte lo pegas en tu próxima respuesta.

Paso 2: Realiza lo siguiente:

1.- Muy Importante >>> Realizar una copia de Seguridad de tu Registro.

  • Descarga/Ejecuta DelFix desde el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego veya a::

2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Run: [] => [X]
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {ab8f3470-0919-11e9-879c-acd1b8a31200} - F:\Setup.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {c5023f79-c066-11e8-8dc8-acd1b8a31200} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
C:\Users\Public\Downloads\Norton
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCIÓN
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0BC3304C-69CC-48BE-BFCB-38E90D4DA25E} - \AVGPCTuneUp_Task_BkGndMaintenance -> Ningún archivo <==== ATENCIÓN
Task: {24AC60FB-2E37-420F-AC28-E8CA289AE6FF} - \Microsoft Office 15 Sync Maintenance for MARCO-PC-MARCO MARCO-PC -> Ningún archivo <==== ATENCIÓN
Task: {399AE4FE-8257-4391-ACA2-03D10640CA80} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {44D00F7D-2E99-4416-8743-FD678833029D} - \Driver Booster Scheduler -> Ningún archivo <==== ATENCIÓN
C:\Program Files\AVG
Task: {541E0C16-05FE-4626-B7C8-2F31B01936A4} - \AviraSystemSpeedupRemoval -> Ningún archivo <==== ATENCIÓN
Task: {5A249FF2-7A1E-45D8-A051-29384C8FEEF2} - \ASC11_SkipUac_MARCO -> Ningún archivo <==== ATENCIÓN
Task: {68225EDB-9F32-42EA-9C32-44D392418EA9} - System32\Tasks\{1902DC78-9F55-477F-B2DF-5AA15712EB4B} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp71924.exe -d C:\Users\MARCO\Downloads
Task: {6C6869E1-CF8D-48F2-9295-5562B4CF26F1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
C:\Program Files\Common Files\AVG
Task: {6EAEE979-DD32-4458-8824-5943C6147046} - System32\Tasks\{E0C19D5E-5921-41E4-8CEE-E03497043AFB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp68507.exe -d C:\Users\MARCO\Downloads
Task: {7493090A-3374-432A-84B2-CE1C6CD1BD11} - \SmartGameBooster SkipUAC (MARCO) -> Ningún archivo <==== ATENCIÓN
Task: {A45BA722-7C7B-4576-8BDF-1C94EF3D120F} - System32\Tasks\Baidu LiveUpdate => C:\Program [Argument = Files (x86)\Baidu WiFiHotspot\liveupdate.exe]
C:\Program [Argument = Files (x86)\Baidu WiFiHotspot
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
Filter: text/xml - Sin valor CLSID
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-21]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-20] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-21]
CHR Extension: (Avira Navegación segura) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-06]
CHR Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8102192 2019-05-12] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
C:\Windows\SysWOW64\GameMon.des
S3 2776A55A; C:\Windows\system32\drivers\2776A55A.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 3111A584; C:\Windows\system32\drivers\3111A584.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 56977697; C:\Windows\system32\drivers\56977697.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531280 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klfltsdk; C:\Windows\System32\DRIVERS\klfltsdk.sys [252544 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [521336 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1107064 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klifsdk; C:\Windows\System32\DRIVERS\klifsdk.sys [1105536 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [212304 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Users\MARCO\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATENCIÓN
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U3 iswSvc; no ImagePath
S4 RsFx0153; system32\DRIVERS\RsFx0153.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
2020-01-29 16:29 - 2020-01-29 16:32 - 180843448 _____ (AO Kaspersky Lab) C:\Users\MARCO\Desktop\KVRT(1).exe
2020-01-29 16:21 - 2020-01-29 16:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\ESET
2020-01-29 16:20 - 2020-01-29 16:20 - 008166712 _____ (ESET spol. s r.o.) C:\Users\MARCO\Desktop\ESETOnlineScanner_ESL.exe
2020-01-28 22:26 - 2020-01-28 23:19 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\56977697.sys
2020-01-28 14:05 - 2020-01-28 23:19 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-01-28 14:05 - 2020-01-28 14:05 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\22C48647.sys
2020-01-28 13:57 - 2020-01-28 23:10 - 000004992 _____ C:\Users\MARCO\Desktop\mb-clean-results.txt
2020-01-28 13:49 - 2020-01-28 13:51 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3111A584.sys
2020-01-28 13:40 - 2020-01-28 13:40 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\D47B913F.sys
2020-01-28 13:38 - 2020-01-28 13:39 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\2776A55A.sys
2020-01-28 12:01 - 2020-01-28 12:01 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\437221E7.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 001107064 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000531280 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kl1.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000521336 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klgse.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000147680 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2020-01-28 10:55 - 2020-01-28 10:55 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1341168F.sys
2020-01-28 10:23 - 2020-01-28 23:19 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-01-28 10:23 - 2020-01-28 10:23 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\52279262.sys
2020-01-28 10:15 - 2020-01-28 13:36 - 000000000 ____D C:\Users\MARCO\Desktop\mbar
2020-01-28 10:14 - 2020-01-28 10:15 - 014178840 _____ (Malwarebytes Corp.) C:\Users\MARCO\Downloads\mbar-1.10.3.1001.exe
2020-01-28 08:37 - 2020-01-28 08:37 - 005950728 _____ (Check Point Software Technologies Ltd.) C:\Users\MARCO\Downloads\zaSetupWeb_158_023_18219.exe
2020-01-21 21:17 - 2020-01-21 21:17 - 008237744 _____ (Malwarebytes) C:\Users\MARCO\Downloads\adwcleaner_8.0.1.exe
2020-01-20 22:14 - 2020-01-20 22:14 - 000000171 _____ C:\Users\MARCO\Downloads\Activation KEY para activar avast driver update.rar
2020-01-20 11:51 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-01-20 11:50 - 2020-01-20 11:50 - 038191600 _____ (Panda Security ) C:\Users\MARCO\Downloads\PandaCloudCleaner.exe
2020-01-20 11:43 - 2020-01-20 11:43 - 000230080 _____ (AVAST Software) C:\Users\MARCO\Downloads\avast_premium_security_setup_online.exe
2020-01-20 11:34 - 2020-01-20 11:34 - 000281376 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\25779457.sys
2020-01-19 17:18 - 2020-01-20 11:24 - 000000000 ____D C:\KVRT_Data
2020-01-19 16:31 - 2020-01-19 17:09 - 180602296 _____ (AO Kaspersky Lab) C:\Users\MARCO\Downloads\KVRT.exe
2020-01-19 16:26 - 2020-01-19 16:26 - 002818392 _____ (Kaspersky) C:\Users\MARCO\Downloads\kts20.0.14.1085abces_19506.exe
2020-01-18 10:10 - 2020-01-18 10:10 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-01-18 10:09 - 2020-01-25 19:22 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-01-28 13:35 - 2017-07-18 23:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-01-28 12:44 - 2018-10-10 22:32 - 000000000 ____D C:\ProgramData\PCGameBoost
2020-01-25 19:22 - 2018-09-27 15:02 - 000003184 _____ C:\Windows\system32\Tasks\Baidu LiveUpdate
2020-01-19 16:27 - 2018-05-04 16:45 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-01-18 10:40 - 2018-03-17 16:35 - 000000000 ____D C:\Users\MARCO\AppData\Local\Avg
2020-01-18 10:40 - 2018-03-08 00:40 - 000000000 ____D C:\ProgramData\Avg
FCheck: C:\Windows\SNVerifyDLL.dll [2005-01-18] <==== ATENCIÓN (cero bytes Archivo/Carpeta)
ZoneAlarm Antivirus (HKLM-x32\...\{61CE6095-350F-4EE7-AAE9-50FC9FFBBB90}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} =>  -> Ningún archivo
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ningún archivo
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ningún archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://skupkav.ru/?utm_source=startlink03&utm_content=0bfd739aabc09f087131cb2df69fbefa&utm_term=CA22F2BBBE8DCDEC22046C966D20F70C&utm_d=20180106"
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Public\AppData:CSM [434]
C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk
MSCONFIG\Services: AVG Antivirus => 2
MSCONFIG\Services: avgbIDSAgent => 3

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Paso 3: Reinicias en Modo Normal y ejecutas Revo Unistaller que lo tienes en tu equipo para desinstalar en su Modo Avanzado si es que aparece:

  • ZoneAlarm antivirus, Firewall y Security.

Manual de Revo Uninstaller.

Nos comentas, esperamos los reportes.

Por tu seguridad imprime los pasos.

Salu2

salio este reporte de MB-Clean:

2020-01-30 00:31:20.031   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2020-01-30 00:31:22.036   No Malwarebytes software installed.
2020-01-30 00:31:24.993   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2020-01-30 00:31:24.994   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2020-01-30 00:31:24.994   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2020-01-30 00:31:24.994   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2020-01-30 00:31:24.995   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2020-01-30 00:31:24.995   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2020-01-30 00:31:24.996   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2020-01-30 00:31:27.464   Trying to delete path C:\ProgramData\Malwarebytes\
2020-01-30 00:31:27.465   Cannot delete path C:\ProgramData\Malwarebytes\, reason:((error=3))
2020-01-30 00:31:27.466   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2020-01-30 00:31:27.466   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2020-01-30 00:31:27.467   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2020-01-30 00:31:27.468   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=3))
2020-01-30 00:31:27.471   --------END OF LOG FILE ----------

reporte Fixlog.txt:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 27-01-2020
Ejecutado por MARCO (30-01-2020 00:18:30) Run:1
Ejecutado desde C:\Users\MARCO\Desktop
Perfiles cargados: MARCO (Perfiles disponibles: MARCO)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCI�N
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCI�N
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Run: [] => [X]
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {ab8f3470-0919-11e9-879c-acd1b8a31200} - F:\Setup.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\MountPoints2: {c5023f79-c066-11e8-8dc8-acd1b8a31200} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCI�N
HKU\S-1-5-18\...\Run: [Norton Download Manager{NIS2281014-SHPD-FSD57026}] => C:\Users\Public\Downloads\Norton\{NIS2281014-SHPD-FSD57026}\NISFSD.exe [1107280 2016-11-25] (Symantec Corporation -> Symantec Corporation)
C:\Users\Public\Downloads\Norton
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATENCI�N
GroupPolicy: Restricci�n - Chrome <==== ATENCI�N
GroupPolicy\User: Restricci�n ? <==== ATENCI�N
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricci�n <==== ATENCI�N
CHR HKLM\SOFTWARE\Policies\Google: Restricci�n <==== ATENCI�N
Task: {0BC3304C-69CC-48BE-BFCB-38E90D4DA25E} - \AVGPCTuneUp_Task_BkGndMaintenance -> Ning�n archivo <==== ATENCI�N
Task: {24AC60FB-2E37-420F-AC28-E8CA289AE6FF} - \Microsoft Office 15 Sync Maintenance for MARCO-PC-MARCO MARCO-PC -> Ning�n archivo <==== ATENCI�N
Task: {399AE4FE-8257-4391-ACA2-03D10640CA80} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: {44D00F7D-2E99-4416-8743-FD678833029D} - \Driver Booster Scheduler -> Ning�n archivo <==== ATENCI�N
C:\Program Files\AVG
Task: {541E0C16-05FE-4626-B7C8-2F31B01936A4} - \AviraSystemSpeedupRemoval -> Ning�n archivo <==== ATENCI�N
Task: {5A249FF2-7A1E-45D8-A051-29384C8FEEF2} - \ASC11_SkipUac_MARCO -> Ning�n archivo <==== ATENCI�N
Task: {68225EDB-9F32-42EA-9C32-44D392418EA9} - System32\Tasks\{1902DC78-9F55-477F-B2DF-5AA15712EB4B} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp71924.exe -d C:\Users\MARCO\Downloads
Task: {6C6869E1-CF8D-48F2-9295-5562B4CF26F1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
C:\Program Files\Common Files\AVG
Task: {6EAEE979-DD32-4458-8824-5943C6147046} - System32\Tasks\{E0C19D5E-5921-41E4-8CEE-E03497043AFB} => C:\Windows\system32\pcalua.exe -a C:\Users\MARCO\Downloads\sp68507.exe -d C:\Users\MARCO\Downloads
Task: {7493090A-3374-432A-84B2-CE1C6CD1BD11} - \SmartGameBooster SkipUAC (MARCO) -> Ning�n archivo <==== ATENCI�N
Task: {A45BA722-7C7B-4576-8BDF-1C94EF3D120F} - System32\Tasks\Baidu LiveUpdate => C:\Program [Argument = Files (x86)\Baidu WiFiHotspot\liveupdate.exe]
C:\Program [Argument = Files (x86)\Baidu WiFiHotspot
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-pe/?ocid=iehp
Filter: text/xml - Sin valor CLSID
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] [2020-01-20]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-21]
FF Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] [2020-01-20] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-21]
CHR Extension: (Avira Navegaci�n segura) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-06]
CHR Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [8102192 2019-05-12] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
C:\Windows\SysWOW64\GameMon.des
S3 2776A55A; C:\Windows\system32\drivers\2776A55A.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 3111A584; C:\Windows\system32\drivers\3111A584.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
S3 56977697; C:\Windows\system32\drivers\56977697.sys [255928 2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531280 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klfltsdk; C:\Windows\System32\DRIVERS\klfltsdk.sys [252544 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [521336 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1107064 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klifsdk; C:\Windows\System32\DRIVERS\klifsdk.sys [1105536 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [212304 2019-11-19] (Kaspersky Lab -> AO Kaspersky Lab)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Users\MARCO\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATENCI�N
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U3 iswSvc; no ImagePath
S4 RsFx0153; system32\DRIVERS\RsFx0153.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
2020-01-29 16:29 - 2020-01-29 16:32 - 180843448 _____ (AO Kaspersky Lab) C:\Users\MARCO\Desktop\KVRT(1).exe
2020-01-29 16:21 - 2020-01-29 16:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\ESET
2020-01-29 16:20 - 2020-01-29 16:20 - 008166712 _____ (ESET spol. s r.o.) C:\Users\MARCO\Desktop\ESETOnlineScanner_ESL.exe
2020-01-28 22:26 - 2020-01-28 23:19 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\56977697.sys
2020-01-28 14:05 - 2020-01-28 23:19 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-01-28 14:05 - 2020-01-28 14:05 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\22C48647.sys
2020-01-28 13:57 - 2020-01-28 23:10 - 000004992 _____ C:\Users\MARCO\Desktop\mb-clean-results.txt
2020-01-28 13:49 - 2020-01-28 13:51 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\3111A584.sys
2020-01-28 13:40 - 2020-01-28 13:40 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\D47B913F.sys
2020-01-28 13:38 - 2020-01-28 13:39 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\2776A55A.sys
2020-01-28 12:01 - 2020-01-28 12:01 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\437221E7.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 001107064 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000531280 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kl1.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000521336 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klgse.sys
2020-01-28 11:37 - 2019-11-19 15:21 - 000147680 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2020-01-28 10:55 - 2020-01-28 10:55 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\1341168F.sys
2020-01-28 10:23 - 2020-01-28 23:19 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-01-28 10:23 - 2020-01-28 10:23 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\52279262.sys
2020-01-28 10:15 - 2020-01-28 13:36 - 000000000 ____D C:\Users\MARCO\Desktop\mbar
2020-01-28 10:14 - 2020-01-28 10:15 - 014178840 _____ (Malwarebytes Corp.) C:\Users\MARCO\Downloads\mbar-1.10.3.1001.exe
2020-01-28 08:37 - 2020-01-28 08:37 - 005950728 _____ (Check Point Software Technologies Ltd.) C:\Users\MARCO\Downloads\zaSetupWeb_158_023_18219.exe
2020-01-21 21:17 - 2020-01-21 21:17 - 008237744 _____ (Malwarebytes) C:\Users\MARCO\Downloads\adwcleaner_8.0.1.exe
2020-01-20 22:14 - 2020-01-20 22:14 - 000000171 _____ C:\Users\MARCO\Downloads\Activation KEY para activar avast driver update.rar
2020-01-20 11:51 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2020-01-20 11:50 - 2020-01-20 11:50 - 038191600 _____ (Panda Security ) C:\Users\MARCO\Downloads\PandaCloudCleaner.exe
2020-01-20 11:43 - 2020-01-20 11:43 - 000230080 _____ (AVAST Software) C:\Users\MARCO\Downloads\avast_premium_security_setup_online.exe
2020-01-20 11:34 - 2020-01-20 11:34 - 000281376 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\25779457.sys
2020-01-19 17:18 - 2020-01-20 11:24 - 000000000 ____D C:\KVRT_Data
2020-01-19 16:31 - 2020-01-19 17:09 - 180602296 _____ (AO Kaspersky Lab) C:\Users\MARCO\Downloads\KVRT.exe
2020-01-19 16:26 - 2020-01-19 16:26 - 002818392 _____ (Kaspersky) C:\Users\MARCO\Downloads\kts20.0.14.1085abces_19506.exe
2020-01-18 10:10 - 2020-01-18 10:10 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2020-01-18 10:09 - 2020-01-25 19:22 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2020-01-28 13:35 - 2017-07-18 23:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-01-28 12:44 - 2018-10-10 22:32 - 000000000 ____D C:\ProgramData\PCGameBoost
2020-01-25 19:22 - 2018-09-27 15:02 - 000003184 _____ C:\Windows\system32\Tasks\Baidu LiveUpdate
2020-01-19 16:27 - 2018-05-04 16:45 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-01-18 10:40 - 2018-03-17 16:35 - 000000000 ____D C:\Users\MARCO\AppData\Local\Avg
2020-01-18 10:40 - 2018-03-08 00:40 - 000000000 ____D C:\ProgramData\Avg
FCheck: C:\Windows\SNVerifyDLL.dll [2005-01-18] <==== ATENCI�N (cero bytes Archivo/Carpeta)
ZoneAlarm Antivirus (HKLM-x32\...\{61CE6095-350F-4EE7-AAE9-50FC9FFBBB90}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ning�n archivo
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ning�n archivo
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} =>  -> Ning�n archivo
ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ning�n archivo
ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll -> Ning�n archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\?o??? ? ???e??e?.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://skupkav.ru/?utm_source=startlink03&utm_content=0bfd739aabc09f087131cb2df69fbefa&utm_term=CA22F2BBBE8DCDEC22046C966D20F70C&utm_d=20180106"
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
AlternateDataStreams: C:\Users\Public\AppData:CSM [434]
C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\?o??? ? ???e??e?.lnk
MSCONFIG\Services: AVG Antivirus => 2
MSCONFIG\Services: avgbIDSAgent => 3

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Procesos cerrados correctamente.
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => eliminado correctamente
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => eliminado correctamente
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => eliminado correctamente
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab8f3470-0919-11e9-879c-acd1b8a31200} => eliminado correctamente
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5023f79-c066-11e8-8dc8-acd1b8a31200} => eliminado correctamente
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => eliminado correctamente
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Norton Download Manager{NIS2281014-SHPD-FSD57026}" => eliminado correctamente
C:\Users\Public\Downloads\Norton => movido correctamente
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => eliminado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\system32\GroupPolicy\User => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BC3304C-69CC-48BE-BFCB-38E90D4DA25E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BC3304C-69CC-48BE-BFCB-38E90D4DA25E}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{24AC60FB-2E37-420F-AC28-E8CA289AE6FF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24AC60FB-2E37-420F-AC28-E8CA289AE6FF}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft Office 15 Sync Maintenance for MARCO-PC-MARCO MARCO-PC" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{399AE4FE-8257-4391-ACA2-03D10640CA80}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{399AE4FE-8257-4391-ACA2-03D10640CA80}" => eliminado correctamente
C:\Windows\System32\Tasks\Antivirus Emergency Update => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Antivirus Emergency Update" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44D00F7D-2E99-4416-8743-FD678833029D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44D00F7D-2E99-4416-8743-FD678833029D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => no encontrado
"C:\Program Files\AVG" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{541E0C16-05FE-4626-B7C8-2F31B01936A4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{541E0C16-05FE-4626-B7C8-2F31B01936A4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AviraSystemSpeedupRemoval" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A249FF2-7A1E-45D8-A051-29384C8FEEF2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A249FF2-7A1E-45D8-A051-29384C8FEEF2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC11_SkipUac_MARCO" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68225EDB-9F32-42EA-9C32-44D392418EA9}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68225EDB-9F32-42EA-9C32-44D392418EA9}" => eliminado correctamente
C:\Windows\System32\Tasks\{1902DC78-9F55-477F-B2DF-5AA15712EB4B} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1902DC78-9F55-477F-B2DF-5AA15712EB4B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6C6869E1-CF8D-48F2-9295-5562B4CF26F1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C6869E1-CF8D-48F2-9295-5562B4CF26F1}" => eliminado correctamente
C:\Windows\System32\Tasks\AVG\Overseer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => eliminado correctamente
"C:\Program Files\Common Files\AVG" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EAEE979-DD32-4458-8824-5943C6147046}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EAEE979-DD32-4458-8824-5943C6147046}" => eliminado correctamente
C:\Windows\System32\Tasks\{E0C19D5E-5921-41E4-8CEE-E03497043AFB} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0C19D5E-5921-41E4-8CEE-E03497043AFB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7493090A-3374-432A-84B2-CE1C6CD1BD11}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7493090A-3374-432A-84B2-CE1C6CD1BD11}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartGameBooster SkipUAC (MARCO)" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A45BA722-7C7B-4576-8BDF-1C94EF3D120F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A45BA722-7C7B-4576-8BDF-1C94EF3D120F}" => eliminado correctamente
C:\Windows\System32\Tasks\Baidu LiveUpdate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu LiveUpdate" => eliminado correctamente
"C:\Program [Argument = Files (x86)\Baidu WiFiHotspot" => no encontrado
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => eliminado correctamente
HKLM\Software\Classes\PROTOCOLS\Filter\Filter: text/xml - Sin valor CLSID => no encontrado
Filter: text/xml - Sin valor CLSID => no pudo ser eliminado.: incorrect path. 
C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] => movido correctamente
C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default\Extensions\[email protected] => movido correctamente
C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] => movido correctamente
C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\[email protected] => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
C:\Program Files\VideoLAN\VLC\npvlc.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => no encontrado
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-21] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Avira Navegaci�n segura) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-06] => Error: Ninguna corrección automática encontrada para esta entrada.
CHR Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-21] => Error: Ninguna corrección automática encontrada para esta entrada.
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
HKLM\System\CurrentControlSet\Services\npggsvc => eliminado correctamente
npggsvc => servicio eliminado correctamente
C:\Windows\SysWOW64\GameMon.des => movido correctamente
HKLM\System\CurrentControlSet\Services\2776A55A => eliminado correctamente
2776A55A => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\3111A584 => eliminado correctamente
3111A584 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\56977697 => eliminado correctamente
56977697 => servicio eliminado correctamente
kl1 => No se puede detener el servicio.
HKLM\System\CurrentControlSet\Services\kl1 => eliminado correctamente
kl1 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\klfltsdk => eliminado correctamente
klfltsdk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\klgse => eliminado correctamente
klgse => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\klhk => eliminado correctamente
klhk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\klifsdk => eliminado correctamente
klifsdk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\klwtp => eliminado correctamente
klwtp => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\PSKMAD => eliminado correctamente
PSKMAD => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz136 => eliminado correctamente
cpuz136 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz138 => eliminado correctamente
cpuz138 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz143 => eliminado correctamente
cpuz143 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\cpuz145 => eliminado correctamente
cpuz145 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\GPUZ => eliminado correctamente
GPUZ => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\iswSvc => eliminado correctamente
iswSvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RsFx0153 => eliminado correctamente
RsFx0153 => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ZAM => eliminado correctamente
ZAM => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ZAM_Guard => eliminado correctamente
ZAM_Guard => servicio eliminado correctamente
C:\Users\MARCO\Desktop\KVRT(1).exe => movido correctamente
C:\Users\MARCO\AppData\Local\ESET => movido correctamente
C:\Users\MARCO\Desktop\ESETOnlineScanner_ESL.exe => movido correctamente
C:\Windows\system32\Drivers\56977697.sys => movido correctamente
"C:\Windows\system32\Drivers\mbamchameleon.sys" => no encontrado
C:\Windows\system32\Drivers\22C48647.sys => movido correctamente
C:\Users\MARCO\Desktop\mb-clean-results.txt => movido correctamente
C:\Windows\system32\Drivers\3111A584.sys => movido correctamente
C:\Windows\system32\Drivers\D47B913F.sys => movido correctamente
C:\Windows\system32\Drivers\2776A55A.sys => movido correctamente
C:\Windows\system32\Drivers\437221E7.sys => movido correctamente
C:\Windows\system32\Drivers\klhk.sys => movido correctamente
C:\Windows\system32\Drivers\kl1.sys => movido correctamente
C:\Windows\system32\Drivers\klgse.sys => movido correctamente
C:\Windows\system32\klhkum.dll => movido correctamente
C:\Windows\system32\Drivers\1341168F.sys => movido correctamente
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => movido correctamente
C:\Windows\system32\Drivers\52279262.sys => movido correctamente
C:\Users\MARCO\Desktop\mbar => movido correctamente
C:\Users\MARCO\Downloads\mbar-1.10.3.1001.exe => movido correctamente
C:\Users\MARCO\Downloads\zaSetupWeb_158_023_18219.exe => movido correctamente
C:\Users\MARCO\Downloads\adwcleaner_8.0.1.exe => movido correctamente
C:\Users\MARCO\Downloads\Activation KEY para activar avast driver update.rar => movido correctamente
C:\Windows\system32\Drivers\PSKMAD.sys => movido correctamente
C:\Users\MARCO\Downloads\PandaCloudCleaner.exe => movido correctamente
C:\Users\MARCO\Downloads\avast_premium_security_setup_online.exe => movido correctamente
C:\Windows\system32\Drivers\25779457.sys => movido correctamente
C:\KVRT_Data => movido correctamente
C:\Users\MARCO\Downloads\KVRT.exe => movido correctamente
C:\Users\MARCO\Downloads\kts20.0.14.1085abces_19506.exe => movido correctamente
C:\Windows\system32\Tasks\AVG => movido correctamente
"C:\Windows\system32\Tasks\Antivirus Emergency Update" => no encontrado
C:\Users\MARCO\AppData\Roaming\IObit => movido correctamente
C:\ProgramData\PCGameBoost => movido correctamente
"C:\Windows\system32\Tasks\Baidu LiveUpdate" => no encontrado
C:\ProgramData\Kaspersky Lab Setup Files => movido correctamente
C:\Users\MARCO\AppData\Local\Avg => movido correctamente
C:\ProgramData\Avg => movido correctamente
C:\Windows\SNVerifyDLL.dll => movido correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{61CE6095-350F-4EE7-AAE9-50FC9FFBBB90}\\SystemComponent" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}\\SystemComponent" => eliminado correctamente
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{713DC4CA-80B3-4349-9257-7D99320848A2}\\SystemComponent" => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\TuneUp Shredder Shell Extension => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ZLAVShExt => eliminado correctamente
HKLM\Software\Classes\CLSID\{D9872D13-7651-4471-9EEE-F0A00218BEBB} => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ZLAVShExt => eliminado correctamente
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => eliminado correctamente
"BVTFilter" => eliminado correctamente
"BVTConsumer" => eliminado correctamente
C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\?o??? ? ???e??e?.lnk => No se pudo eliminar ni reparar el argumento de acceso directo. El acceso directo podría estar dañado.
C:\ProgramData\Temp => ":5C321E34" ADS eliminado correctamente
C:\Users\Public\AppData => ":CSM" ADS eliminado correctamente
"C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\?o??? ? ???e??e?.lnk" => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVG Antivirus => eliminado correctamente
HKLM\System\CurrentControlSet\Services\AVG Antivirus => no encontrado
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgbIDSAgent => eliminado correctamente
HKLM\System\CurrentControlSet\Services\avgbIDSAgent => no encontrado

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows. Aseg£rese de que el servicio se est  ejecutando e intente la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 91922230 B
Java, Flash, Steam htmlcache => 28500987 B
Windows/system/drivers => 1202926 B
Edge => 0 B
Chrome => 32814138 B
Firefox => 820271153 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 167389 B
systemprofile32 => 233349 B
LocalService => 349209 B
NetworkService => 457803 B
MARCO => 20027261 B

RecycleBin => 67605499 B
EmptyTemp: => 1022.5 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 00:21:07 ====

Al pasar Revo uninstall: no habia Zonealarm , ni firewall y security , El zonealarm , yo ya lo habia desinstalado anteriormente con Revo

Hola @marcobh1

Lo se pero todavía había restos ocultos en el reporte de FRST se veía como programa instalado y oculto (Hidden)

 ZoneAlarm Antivirus (HKLM-x32\...\{61CE6095-350F-4EE7-AAE9-50FC9FFBBB90}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{478D89DB-1BBD-47D3-9F8A-8A5991194D54}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden
 ZoneAlarm Security (HKLM-x32\...\{713DC4CA-80B3-4349-9257-7D99320848A2}) (Version: 15.8.023.18219 - Check Point Software Technologies Ltd.) Hidden

Ahora vuelve a ejecutar FRST como la primera vez que te lo indique y nos traes sus reportes frescos.

Ademas prueba el equipo y nos comentas como va, ya lo analizaremos con las demás herramientas no te apures aun no instales nada.

Salu2

uhhh estaba revisando mi revo, puse en configuraciones todos los programas y marque mostrar archivos del sistema , y ya Ahora si puedo ver el zonealarm antivirus , firewall y security , procedo a desinstalarlos?

Este es mi nuevos reportes FRST hy Addition txt despues de desinstalar Zonealarm antivirus, firewall y security::

FRST:


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 27-01-2020
Ejecutado por MARCO (administrador) sobre MARCO-PC (Hewlett-Packard HP Pavilion 15 Notebook PC) (30-01-2020 08:48:28)
Ejecutado desde C:\Users\MARCO\Desktop
Perfiles cargados: MARCO (Perfiles disponibles: MARCO)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 8 (Navegador predeterminado: FF)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(FlashTECH) [Archivo no firmado] C:\Program Files (x86)\Digital Clock\DigitalClock.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard -> HP) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company) [Archivo no firmado] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Karl Sabo -> AMD) C:\Windows\System32\atieclxx.exe
(Karl Sabo -> AMD) C:\Windows\System32\atiesrxx.exe
(MetaQuotes Software Corp. -> MetaQuotes Software Corp.) C:\Program Files\ICMarkets - MetaTrader 5\terminal64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\AvrcpService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\RtkBleServ.exe
(Solid Documents -> Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VS Revo Group -> VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => c:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [Archivo no firmado]
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [218055 2014-06-16] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4514304 2014-08-26] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2022855 2013-03-07] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\explorer.exe,
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{F146C9B1-VMVQ-A9RC-NUFL-D0BA00B4E999}] -> C:\Users\MARCO\AppData\Roaming\mrsys.exe MR
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
AppInit_DLLs-x32: C:\PROGRA~1\COMMON~1\System\symsrv.dll => C:\Program Files\Common Files\System\symsrv.dll [69337 2020-01-25] (Microsoft Corporation) [Archivo no firmado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-10-15]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (Ningún archivo)
Startup: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Clock.lnk [2020-01-30]
ShortcutTarget: Desktop Clock.lnk -> C:\Program Files (x86)\Digital Clock\DigitalClock.exe (FlashTECH) [Archivo no firmado]

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0FC7DCDF-3E8C-4381-9571-0966F6EB337D} - System32\Tasks\{5444AB9F-3606-4102-927B-3E02CAD9ABC5} => C:\Users\MARCO\Downloads\RADEON RESOLUTION MODIFICADOR\RCRM\RCRM.exe
Task: {1125C16C-F877-479A-B8EA-0DF4CBE2EB62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {16314D27-E043-4CAB-AC8D-F08AA4C7F4FD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1981365817-1338075218-4232470481-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {19E06852-49B8-44A5-B867-2406DD1B10B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [124280 2018-08-30] (HP Inc. -> HP Inc.)
Task: {1A02DC0D-D0AC-4C56-A7CC-DAC45A6B86F5} - System32\Tasks\HPCustParticipation HP Ink Tank 310 series => C:\Program Files\HP\HP Ink Tank 310 series\Bin\HPCustPartic.exe [6661256 2018-07-27] (Hewlett Packard -> HP Inc.)
Task: {29C5AADD-5463-4ADB-A559-FF1A7B886802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {356DA76A-535A-4251-8832-E0BA74807C78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-29] (Google Inc -> Google LLC)
Task: {4503F582-58D9-441F-8B6F-B58B5C498E97} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1432831 2014-05-19] (Hewlett-Packard Development Company, L.P.) [Archivo no firmado]
Task: {54D86A0F-3173-4C67-9F69-C647FA2EC569} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-22] (Adobe Inc. -> Adobe)
Task: {5B16BE01-555E-44C8-A41D-E2BB61E85F41} - System32\Tasks\Programa de actualización online de InstallShield Software => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
Task: {739ACFFA-49A5-4C3A-AE6A-FC87FC51C172} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {76C31621-24B1-4157-9C86-6B51806F76FE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {8E3EB10A-B93E-452C-BEBF-510138AF3B73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {92A35F84-3E19-4560-B738-E33A9BC9FAF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {9BB000DD-3F21-48A0-8FC1-113430BF50B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {B358FAAC-1722-4DCA-BA67-C4795C1156D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9A97D2A-C9EE-410E-913D-490748EE299E} - System32\Tasks\{A5DB3238-8D23-425C-8170-44BB3A290139} => C:\Users\MARCO\Downloads\RADEON RESOLUTION MODIFICADOR\RCRM\RCRM.exe
Task: {BD5D08DB-4593-4490-810E-7CDF6A6BAC99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {D308E8C2-3AAF-4C55-9D6F-9F38F3D1DEF7} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D9925AF0-C472-41E0-9A1B-356217B20603} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-22] (Adobe Inc. -> Adobe)
Task: {DB779A5E-0E79-4510-8578-1AE9E2C76065} - System32\Tasks\InstallShield Update Service => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
Task: {E21C15FC-1D2F-4F79-AE5D-63C4329C559F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {E43D54D0-A735-4C1D-A745-F70D0FED6354} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-29] (Google Inc -> Google LLC)
Task: {F23A42B0-FE9F-43F9-9FFD-CF26D9AF9EA3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA199D7F-101C-4BF3-A398-CB0DC05E155F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1981365817-1338075218-4232470481-1000 => C:\Users\MARCO\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{FF5B5A6B-C816-4A64-8F6C-634B737DB908}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] () [Archivo no firmado]
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) [Archivo no firmado]
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] () [Archivo no firmado]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
Filter: text/xml - Sin valor CLSID
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: 84a3zxsw.default
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\84a3zxsw.default [2020-01-30]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release [2020-01-30]
FF Notifications: Mozilla\Firefox\Profiles\i0v2cppl.default-release -> hxxps://forospyware.com
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\i0v2cppl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] [Heredado]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] [2019-05-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2017-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default [2020-01-30]
CHR Extension: (Presentaciones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-29]
CHR Extension: (Documentos) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-29]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-29]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-29]
CHR Extension: (Foxit PDF Creator) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2020-01-21]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-01-21]
CHR Extension: (Hojas de cálculo) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-29]
CHR Extension: (Avira Navegación segura) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-12-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-19]
CHR Extension: (Avast Online Security) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [249344 2016-02-26] (Karl Sabo -> AMD)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Archivo no firmado]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [Archivo no firmado]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1208039 2014-05-19] (Hewlett-Packard Company) [Archivo no firmado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2018-04-19] (Even Balance, Inc. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268368 2019-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [50688 2016-09-20] (Realtek Semiconductor Corporation) [Archivo no firmado]
R2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [262904 2015-03-03] (Solid Documents -> Solid Documents, LLC)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-12-07] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [53760 2017-12-07] (Hewlett-Packard -> HP)
R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [117608 2017-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [23981568 2016-02-26] (Karl Sabo -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [674816 2016-02-26] (Karl Sabo -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237840 2015-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [85704 2015-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2015-03-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.) [Archivo no firmado]
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.) [Archivo no firmado]
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2017-07-20] () [Archivo no firmado]
R3 BthAudioHF; C:\Windows\System32\drivers\RtkHfp.sys [103168 2015-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [135520 2019-07-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40960 2017-12-07] (Hewlett-Packard -> HP)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-18] (Martin Malik - REALiX -> REALiX(tm))
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2017-07-20] () [Archivo no firmado]
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [43088 2014-08-14] (Mainline Net Holdings Limited -> NT Kernel Resources)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0116.sys [38088 2018-10-15] (SoftEther Corporation -> SoftEther Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
S3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [707072 2009-06-10] (Microsoft Windows -> Ralink Technology, Corp.)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [329184 2017-09-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RtkA2dp; C:\Windows\System32\drivers\RtkA2dp.sys [193280 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\Windows\System32\DRIVERS\RtkAvrcp.sys [73712 2015-09-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [722944 2017-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [3127552 2017-07-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [6703944 2017-12-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2017-04-13] (Razer Inc. -> Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11973 2019-10-12] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Archivo no firmado]
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver_AMDASF.sys [47704 2017-12-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166752 2019-07-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [60640 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 vjoy; C:\Windows\System32\DRIVERS\vjoy.sys [57976 2017-04-06] (Shaul Eizikovich -> Shaul Eizikovich)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [461240 2019-11-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (Splitmedialabs Limited -> SplitmediaLabs Limited)
S2 AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-30 08:48 - 2020-01-30 08:49 - 000035427 _____ C:\Users\MARCO\Desktop\FRST.txt
2020-01-30 08:18 - 2020-01-30 08:18 - 000000000 ____D C:\Users\MARCO\Desktop\archivos frst
2020-01-30 00:31 - 2020-01-30 00:31 - 000001512 _____ C:\Users\MARCO\Desktop\mb-clean-results.txt
2020-01-30 00:18 - 2020-01-30 00:21 - 000034355 _____ C:\Users\MARCO\Desktop\Fixlog.txt
2020-01-30 00:08 - 2020-01-30 00:08 - 000000257 _____ C:\Users\MARCO\Desktop\DelFix.txt
2020-01-30 00:07 - 2020-01-30 00:07 - 000000257 _____ C:\DelFix.txt
2020-01-30 00:07 - 2020-01-30 00:07 - 000000000 ____D C:\Windows\ERUNT
2020-01-30 00:05 - 2020-01-30 00:05 - 000876039 _____ C:\Users\MARCO\Desktop\delfix.exe
2020-01-30 00:03 - 2020-01-30 00:03 - 398010326 _____ C:\Users\MARCO\Documents\COPIA DE SEGURIDAD DE REGISTRO.reg
2020-01-29 16:45 - 2020-01-29 22:09 - 000000547 _____ C:\Users\MARCO\Desktop\ESET Online Scanner.lnk
2020-01-29 16:38 - 2020-01-30 08:48 - 000000000 ____D C:\FRST
2020-01-29 16:36 - 2020-01-29 16:37 - 002581504 _____ (Farbar) C:\Users\MARCO\Desktop\FRST64.exe
2020-01-29 12:38 - 2020-01-29 12:38 - 000000000 ____D C:\ProgramData\PC Faster
2020-01-29 12:37 - 2020-01-29 12:37 - 000000000 ____D C:\Users\Public\Documents\PC Faster
2020-01-29 12:37 - 2020-01-29 12:37 - 000000000 ____D C:\ProgramData\Documents\PC Faster
2020-01-29 09:25 - 2020-01-29 09:25 - 000002409 _____ C:\Users\MARCO\Desktop\ZHPCleaner (R).txt
2020-01-29 08:34 - 2020-01-29 08:34 - 000002237 _____ C:\Users\MARCO\Desktop\ZHPCleaner (S).txt
2020-01-28 23:23 - 2020-01-28 23:23 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\WinRAR
2020-01-28 23:18 - 2020-01-28 23:48 - 000000000 ____D C:\Users\MARCO\Downloads\rootear g955f
2020-01-28 22:13 - 2020-01-28 22:25 - 001036736 _____ () C:\Users\MARCO\Downloads\OneClickRoot.exe
2020-01-28 13:56 - 2020-01-28 13:56 - 000937191 _____ (Malwarebytes) C:\Users\MARCO\Desktop\mb-clean-3.1.0.1035.exe
2020-01-28 11:37 - 2020-01-28 11:38 - 000441016 _____ C:\Windows\system32\Drivers\vsconfig.xml
2020-01-28 11:13 - 2020-01-28 11:13 - 003307744 _____ (Alexander Roshal) C:\Users\MARCO\Downloads\winrar-x64-580es.exe
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-28 11:13 - 2020-01-28 11:13 - 000000000 ____D C:\Program Files\WinRAR
2020-01-28 08:22 - 2020-01-28 08:22 - 003410247 _____ (Nicolas Coolman) C:\Users\MARCO\ZHPCleaner.exe
2020-01-26 23:53 - 2020-01-27 10:24 - 003001324 _____ C:\Users\MARCO\Downloads\Chame(www.elandroidhd.com).apk
2020-01-26 23:10 - 2020-01-26 23:10 - 000001307 _____ C:\Users\Public\Desktop\Samsung Tool PRO.lnk
2020-01-26 23:10 - 2020-01-26 23:10 - 000001307 _____ C:\ProgramData\Desktop\Samsung Tool PRO.lnk
2020-01-26 23:09 - 2020-01-28 08:51 - 000003390 _____ C:\Users\MARCO\AppData\Local\icsys.icn
2020-01-26 22:44 - 2020-01-26 22:49 - 000000000 ____D C:\Users\MARCO\Documents\Android_MTK
2020-01-23 15:38 - 2020-01-23 15:38 - 000073004 _____ C:\Users\MARCO\Downloads\WT_SR-Redondos_v1.4.ex5
2020-01-22 08:31 - 2020-01-26 22:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-21 23:16 - 2020-01-29 09:25 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ZHP
2020-01-21 23:16 - 2020-01-28 08:22 - 000000641 _____ C:\Users\MARCO\Desktop\ZHPCleaner.lnk
2020-01-21 23:16 - 2020-01-21 23:16 - 000000000 ____D C:\Users\MARCO\AppData\Local\ZHP
2020-01-21 21:53 - 2020-01-25 22:04 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2020-01-21 21:53 - 2020-01-21 21:53 - 000001095 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2020-01-21 21:53 - 2020-01-21 21:53 - 000001095 _____ C:\ProgramData\Desktop\SpywareBlaster.lnk
2020-01-21 21:53 - 2020-01-21 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2020-01-21 21:53 - 2012-05-02 12:17 - 001070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2020-01-21 21:53 - 2009-03-24 13:52 - 000129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2020-01-21 21:42 - 2020-01-21 21:44 - 004291320 _____ (BrightFort LLC ) C:\Users\MARCO\Downloads\spywareblastersetup55.exe
2020-01-21 08:56 - 2020-01-21 08:56 - 000000000 ____D C:\Users\Public\Foxit Software
2020-01-21 08:56 - 2020-01-21 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2020-01-21 08:55 - 2020-01-21 08:55 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2020-01-20 23:03 - 2018-04-02 10:41 - 000057924 _____ C:\Windows\system32\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2018-04-02 10:41 - 000049424 _____ C:\Windows\system32\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2018-04-02 10:41 - 000044660 _____ C:\Windows\system32\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll
2020-01-20 23:03 - 2016-09-20 19:00 - 000001156 _____ C:\Windows\PidVid_List.dll
2020-01-20 22:54 - 2020-01-20 22:56 - 009821336 _____ (HP Inc.) C:\Users\MARCO\Downloads\sp67743.exe
2020-01-20 12:49 - 2020-01-20 12:49 - 000005572 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_12.49.28_log.txt
2020-01-20 11:51 - 2015-09-14 13:03 - 000039672 _____ C:\Windows\system32\Drivers\DasPtct.SYS
2020-01-20 11:34 - 2020-01-20 11:34 - 000000000 ____D C:\TDSSKiller_Quarantine
2020-01-20 11:30 - 2020-01-20 11:34 - 000765900 _____ C:\TDSSKiller.3.1.0.28_20.01.2020_11.30.12_log.txt
2020-01-20 10:52 - 2020-01-20 10:52 - 000001919 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T-UnLock.lnk
2020-01-20 10:52 - 2020-01-20 10:52 - 000001913 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\T-UnLock.lnk
2020-01-20 10:37 - 2020-01-26 23:09 - 000000000 ____D C:\Program Files (x86)\Z3X
2020-01-20 10:02 - 2020-01-20 10:02 - 000228907 _____ C:\Users\MARCO\Downloads\Advanced_IMEI_Generator_v1.00.zip
2020-01-20 01:22 - 2020-01-20 01:23 - 002482948 _____ C:\Users\MARCO\Downloads\PhoneCopier_4_2_1_26507.apk
2020-01-20 01:20 - 2020-01-20 01:25 - 038590136 _____ (COMPELSON Laboratories ) C:\Users\MARCO\Downloads\setup_ME_PHONEMANAGER_10_2_0_26539.exe
2020-01-20 00:40 - 2018-01-12 13:55 - 000006505 _____ C:\Users\MARCO\Downloads\Miracle Box 2.54 keygen License.txt
2020-01-19 22:09 - 2020-01-19 22:10 - 050806689 _____ C:\Users\MARCO\Downloads\CF-Auto-Root-dream2qltesq-dream2qltesq-smg955u.zip
2020-01-19 21:46 - 2019-07-10 00:08 - 000166752 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2020-01-19 21:46 - 2019-07-10 00:08 - 000135520 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2020-01-19 17:20 - 2020-01-19 17:20 - 000111200 _____ C:\Users\MARCO\Downloads\fix.pdf
2020-01-19 16:09 - 2020-01-19 16:09 - 000000000 ____D C:\ProgramData\ProductData
2020-01-19 16:05 - 2020-01-19 16:05 - 000000000 ____D C:\Users\MARCO\Documents\AirDroid
2020-01-18 21:13 - 2020-01-26 22:20 - 000000000 ____D C:\Users\MARCO\Downloads\NUEVO ROOT GALAXY SM G955U OJALAAA
2020-01-18 16:13 - 2020-01-20 08:47 - 000000000 ____D C:\Users\MARCO\Downloads\PARA CAMBIAR imei
2020-01-18 15:54 - 2020-01-20 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2020-01-18 14:20 - 2020-01-18 14:25 - 056148035 _____ (z3x-team ) C:\Users\MARCO\Downloads\SamsungToolPRO_30.5.exe
2020-01-18 10:21 - 2020-01-18 10:21 - 000000000 _____ C:\Windows\system32\last.dump
2020-01-18 10:05 - 2020-01-18 10:09 - 000000000 ____D C:\Samsung tool
2020-01-18 09:47 - 2020-01-18 09:49 - 036893384 _____ (Samsung Electronics Co., Ltd.) C:\Users\MARCO\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2020-01-17 12:21 - 2020-01-17 12:21 - 040486560 _____ (Samsung Electronics) C:\Users\MARCO\Downloads\SmartSwitch.exe
2020-01-14 14:17 - 2020-01-14 14:17 - 004371756 _____ C:\Users\MARCO\Downloads\SM-G950F SCHEMATICS HALABTECH.rar
2020-01-14 08:37 - 2020-01-14 08:37 - 000903580 _____ C:\Users\MARCO\Downloads\6-Texto del artículo-41-1-10-20171128.pdf
2020-01-14 08:32 - 2020-01-14 08:32 - 000751558 _____ C:\Users\MARCO\Downloads\Dialnet-ModeloPsicobiologicoDePersonalidadDeEysenck-6161336.pdf
2020-01-13 12:18 - 2020-01-13 16:38 - 000383098 _____ C:\Users\MARCO\Downloads\TEST_BARSIT.xlsx
2020-01-13 12:14 - 2020-01-13 12:14 - 000103936 _____ C:\Users\MARCO\Downloads\Hoja-de-calculo-TIP-3vf.xls
2020-01-10 12:07 - 2020-01-10 12:07 - 010671165 _____ C:\Users\MARCO\Downloads\Gerber, M. (2005). El mito del emprendedor. Paidós. ISBN 968-853-630-X.pdf
2020-01-08 21:47 - 2020-01-08 21:47 - 001307792 _____ (Plarium) C:\Users\MARCO\Downloads\RaidSetup.exe
2020-01-04 22:45 - 2020-01-04 22:46 - 009102410 _____ C:\Users\MARCO\Downloads\SM-G955U SCHEMATICS HALABTECH.rar
2020-01-04 22:24 - 2020-01-04 22:24 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Google
2020-01-04 16:16 - 2020-01-04 16:16 - 000001071 _____ C:\Users\Public\Desktop\Dragon Age Origins - Ultimate Edition.lnk
2020-01-04 16:16 - 2020-01-04 16:16 - 000001071 _____ C:\ProgramData\Desktop\Dragon Age Origins - Ultimate Edition.lnk
2020-01-04 16:16 - 2020-01-04 16:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Origins - Ultimate Edition
2020-01-04 11:06 - 2020-01-04 11:06 - 002466345 _____ C:\Users\MARCO\Downloads\lm80-p0598-4_b_pmm8920_pwr_mgt_mod_device_spec.pdf

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-30 08:27 - 2009-07-13 23:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-01-30 08:27 - 2009-07-13 23:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-01-30 08:17 - 2010-11-21 02:09 - 000880388 _____ C:\Windows\system32\perfh00A.dat
2020-01-30 08:17 - 2010-11-21 02:09 - 000209410 _____ C:\Windows\system32\perfc00A.dat
2020-01-30 08:17 - 2009-07-14 00:13 - 002049964 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-30 08:17 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2020-01-30 08:15 - 2017-07-18 23:16 - 000000000 ____D C:\Users\MARCO\AppData\LocalLow\Mozilla
2020-01-30 08:13 - 2018-05-05 21:39 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashDumps
2020-01-30 08:12 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-30 00:50 - 2017-07-18 19:52 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-01-30 00:24 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\System
2020-01-30 00:22 - 2017-07-20 17:26 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-01-30 00:21 - 2017-09-21 21:39 - 000000000 ____D C:\Windows\pss
2020-01-30 00:18 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-01-30 00:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-01-29 22:07 - 2017-07-22 23:18 - 000000000 ____D C:\Users\MARCO\AppData\Local\ElevatedDiagnostics
2020-01-29 21:56 - 2019-09-16 20:40 - 000002007 _____ C:\Users\Public\Desktop\ICMarkets - MetaTrader 5.lnk
2020-01-29 21:56 - 2019-09-16 20:40 - 000002007 _____ C:\ProgramData\Desktop\ICMarkets - MetaTrader 5.lnk
2020-01-29 21:28 - 2018-03-20 22:40 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2020-01-28 10:52 - 2017-07-18 18:22 - 000000000 ____D C:\Users\MARCO
2020-01-28 10:52 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system
2020-01-28 09:59 - 2017-12-12 23:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-01-25 19:54 - 2018-05-29 10:08 - 000000000 ____D C:\ProgramData\Temp
2020-01-25 19:25 - 2018-10-16 14:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\Battle.net
2020-01-25 19:22 - 2019-07-29 10:28 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-25 19:22 - 2019-07-29 10:28 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-25 19:22 - 2019-04-09 18:59 - 000004450 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-25 19:22 - 2018-11-16 19:42 - 000003560 _____ C:\Windows\system32\Tasks\HPCustParticipation HP Ink Tank 310 series
2020-01-25 19:22 - 2018-10-20 22:05 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-01-25 19:22 - 2018-10-06 22:56 - 000003724 _____ C:\Windows\system32\Tasks\InstallShield Update Service
2020-01-25 19:22 - 2018-04-24 14:25 - 000004230 _____ C:\Windows\system32\Tasks\AMD Updater
2020-01-25 19:22 - 2018-03-17 18:16 - 000003818 _____ C:\Windows\system32\Tasks\Programa de actualización online de InstallShield Software
2020-01-25 19:22 - 2018-03-10 21:44 - 000003002 _____ C:\Windows\system32\Tasks\{5444AB9F-3606-4102-927B-3E02CAD9ABC5}
2020-01-25 19:22 - 2018-03-10 21:40 - 000003002 _____ C:\Windows\system32\Tasks\{A5DB3238-8D23-425C-8170-44BB3A290139}
2020-01-24 16:32 - 2017-07-27 19:54 - 000000000 ____D C:\Users\MARCO\AppData\Local\JDownloader v2.0
2020-01-24 13:30 - 2018-07-10 16:50 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\vlc
2020-01-23 19:04 - 2019-07-23 11:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-23 15:38 - 2019-10-04 00:09 - 000000000 ____D C:\Users\MARCO\Desktop\Mis Indicadores y componentes de mi sistema de Trading
2020-01-22 08:59 - 2017-07-19 00:34 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-01-22 08:59 - 2017-07-19 00:34 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-01-22 08:59 - 2017-07-19 00:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-01-22 08:59 - 2017-07-19 00:33 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-21 21:32 - 2018-05-15 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2020-01-21 21:32 - 2018-05-15 16:58 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Samsung
2020-01-21 21:32 - 2018-05-15 16:57 - 000000000 ____D C:\Program Files (x86)\Samsung
2020-01-21 08:57 - 2017-07-19 00:44 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-21 08:56 - 2017-09-01 14:13 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Foxit Software
2020-01-20 23:03 - 2017-07-18 21:50 - 000000000 ____D C:\Program Files (x86)\Realtek
2020-01-20 23:02 - 2018-01-14 00:59 - 000000000 ____D C:\ProgramData\Realtek
2020-01-20 23:01 - 2017-07-18 19:45 - 000000000 ____D C:\SWSETUP
2020-01-20 22:59 - 2017-07-18 22:48 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\hpqLog
2020-01-20 21:31 - 2018-12-11 14:53 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Notepad++
2020-01-20 21:31 - 2018-12-11 14:53 - 000000000 ____D C:\Program Files\Notepad++
2020-01-20 21:30 - 2018-10-09 14:27 - 000000000 ____D C:\Users\MARCO\AppData\Local\Jagex
2020-01-20 21:30 - 2018-10-09 14:27 - 000000000 ____D C:\ProgramData\Jagex
2020-01-20 12:58 - 2019-08-05 22:57 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-20 12:58 - 2019-08-05 22:57 - 000000871 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-20 12:24 - 2018-10-23 00:17 - 000000000 ____D C:\Users\MARCO\AppData\Local\MEGAsync
2020-01-20 12:24 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Resources
2020-01-19 16:40 - 2018-05-10 22:14 - 000000000 ____D C:\ProgramData\Epic
2020-01-19 16:00 - 2019-07-23 11:15 - 000001916 _____ C:\Users\MARCO\Desktop\JRT.txt
2020-01-18 10:41 - 2017-07-18 22:27 - 000119240 _____ C:\Users\MARCO\AppData\Local\GDIPFONTCACHEV1.DAT
2020-01-18 10:33 - 2009-07-13 23:45 - 000460232 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-18 09:57 - 2018-05-15 16:58 - 000000000 ____D C:\ProgramData\Samsung
2020-01-17 12:24 - 2018-05-15 17:01 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log
2020-01-17 12:24 - 2018-05-15 17:01 - 000000000 ____D C:\ProgramData\Documents\NativeFus_Log
2020-01-17 11:56 - 2018-11-13 09:37 - 000000000 ____D C:\Users\MARCO\Desktop\hard disk sentinel
2020-01-16 08:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2020-01-14 21:24 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-01-14 08:36 - 2018-10-09 12:49 - 000000000 ____D C:\Users\MARCO\AppData\Local\Deployment
2020-01-12 09:57 - 2018-02-24 13:09 - 000000039 _____ C:\Windows\Model.txt
2020-01-09 23:53 - 2019-07-29 10:29 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-04 18:38 - 2017-07-19 23:23 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-01-04 16:16 - 2018-03-24 16:30 - 000000000 ____D C:\Users\MARCO\Documents\BioWare
2020-01-03 15:07 - 2019-12-11 21:49 - 000000353 _____ C:\Users\MARCO\Desktop\claves l latino.txt
2020-01-01 09:36 - 2018-10-09 21:54 - 000000000 ____D C:\ProgramData\install_clap
2020-01-01 09:36 - 2018-05-29 10:14 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\CyberLink
2020-01-01 09:36 - 2017-12-28 18:14 - 000000000 ____D C:\ProgramData\CyberLink
2020-01-01 09:34 - 2018-04-10 15:43 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2020-01-01 09:34 - 2017-07-18 21:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-01 09:33 - 2018-05-29 10:14 - 000000000 ____D C:\Users\MARCO\Documents\CyberLink
2020-01-01 09:33 - 2018-05-29 10:12 - 000000000 ____D C:\Users\MARCO\AppData\Local\CyberLink

==================== Archivos en la raíz de algunos directorios ========

2020-01-28 08:22 - 2020-01-28 08:22 - 003410247 _____ (Nicolas Coolman) C:\Users\MARCO\ZHPCleaner.exe
2018-10-23 17:02 - 2014-08-12 15:18 - 000001884 _____ () C:\Program Files (x86)\README.txt
2018-01-14 01:00 - 2020-01-30 08:15 - 024948393 _____ () C:\Users\MARCO\AppData\Local\BTServer.log
2018-05-29 10:05 - 2018-05-29 10:05 - 000003584 _____ () C:\Users\MARCO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-08 12:51 - 2018-08-31 00:04 - 001065984 _____ () C:\Users\MARCO\AppData\Local\file__0.localstorage
2020-01-26 23:09 - 2020-01-28 08:51 - 000003390 _____ () C:\Users\MARCO\AppData\Local\icsys.icn
2017-07-19 17:35 - 2019-03-28 18:05 - 000007608 _____ () C:\Users\MARCO\AppData\Local\Resmon.ResmonCfg
2019-11-07 09:16 - 2019-11-07 09:16 - 000000000 _____ () C:\Users\MARCO\AppData\Local\{42CAF5D7-1C3C-4DEE-9EE7-6D3801F206BC}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-01-28 13:15
==================== Final de FRST.txt ========================

y este es addition despues de desinstalar zonealarm:


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 27-01-2020
Ejecutado por MARCO (30-01-2020 08:49:36)
Ejecutado desde C:\Users\MARCO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-07-18 23:22:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1981365817-1338075218-4232470481-500 - Administrator - Disabled)
Invitado (S-1-5-21-1981365817-1338075218-4232470481-501 - Limited - Disabled)
MARCO (S-1-5-21-1981365817-1338075218-4232470481-1000 - Administrator - Enabled) => C:\Users\MARCO

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{5A613379-D3AA-43B9-A82B-EE47703FC2D7}) (Version: 4.3.2.0703 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Aqua Garden Deluxe (HKLM-x32\...\{DC5CB799-5324-4DEA-8014-50D5CCABF547}) (Version: 1.01 - Formosoft)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.45.10 - Bethesda Softworks)
Brother MFL-Pro Suite DCP-T700W (HKLM-x32\...\{BA07A125-6AC7-4293-89D6-391676FFD041}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Cashflow 101 + 202 lite v.1.2 (HKLM-x32\...\{6F652078-1622-48B7-911C-0929E0D6B636}_is1) (Version:  - CFGAME.RU)
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.12.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.12.1 - ALCPU)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Cronómetro (HKLM-x32\...\{9A15B08E-D2AF-45E5-9479-B539DEE57E60}) (Version: 1.0.1 - Rickypauel)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Digital Clock 1.0 (HKLM-x32\...\Digital Clock) (Version: 1.0 - FlashTECH)
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age Origins - Ultimate Edition versión 1.05 (HKLM-x32\...\Dragon Age Origins - Ultimate Edition_is1) (Version: 1.05 - Bioware)
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Electrum (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\Electrum) (Version: 3.3.7 - Electrum Technologies GmbH)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Estudio para la mejora del producto HP Ink Tank 310 series (HKLM\...\{DAD2E186-2A3A-4A03-B77F-D912AD76B476}) (Version: 45.3.2597.18208 - HP Inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Foxit PhantomPDF (HKLM-x32\...\{33c353c9-5748-4e71-b8d4-c38ef6cc82f3}) (Version: 9.6.0.25114 - Foxit Software Inc.)
Foxit PhantomPDF (HKLM-x32\...\{8B8EA992-9CEA-11E9-A74D-54BF64A63C26}) (Version: 9.6.0.25114 - Foxit Software Inc.) Hidden
Fritz 15 64-bit (HKLM\...\{E055F983-1A0C-4A1B-84BE-A0E5F03F279C}) (Version: 15.3.0.0 - ChessBase)
FxPro cTrader (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\9f1e138e05e3e925) (Version: 3.6.65534.35688 - FxPro cTrader)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Dropbox Plugin (HKLM-x32\...\{E33A1540-AF13-4F30-BEB5-3F4CD72AC7F9}) (Version: 36.0.175.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{CF4D7C86-DBA1-458D-990F-987A386091C8}) (Version: 43.0.175.0 - HP)
HP FTP Plugin (HKLM-x32\...\{B9FFA818-A8AE-406E-80EF-85A54A1C9F83}) (Version: 43.0.175.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{78CD6FCC-A6E9-4DCB-B137-FD691DB15CC6}) (Version: 36.0.175.0 - HP)
HP Ink Tank 310 series Ayuda (HKLM-x32\...\{8032AA89-A328-4B09-9BF6-8A7EE1F9DB37}) (Version: 44.0.0 - HP)
HP Ink Tank 310 series Software básico del dispositivo (HKLM\...\{D9C16FBB-0D18-4F86-92FF-C2F68E0EB2C7}) (Version: 45.3.2597.18208 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{C79809ED-0E3D-43E9-9F45-FA43DFA1EFFD}) (Version: 36.0.175.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{6E9B2B7C-1701-4DD3-80F7-B45ECA565DF9}) (Version: 43.0.175.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{41871A92-7684-456F-8BE2-AB570C641AEC}) (Version: 43.0.175.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{B2630333-677F-4F40-9625-7F76CFB02EA1}) (Version: 12.9.24.3 - HP Inc.)
IC Markets cTrader (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\adc49d1d01a64dad) (Version: 3.6.65534.35709 - IC Markets cTrader)
ICMarkets - MetaTrader 5 (HKLM\...\ICMarkets - MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Java(TM) SE Development Kit 11.0.1 (64-bit) (HKLM\...\{F4039C0F-E4C1-5905-9E7D-DDA8EDE365BC}) (Version: 11.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
L2 Latino  v19.7 (HKLM-x32\...\L2 Latino ) (Version: v19.7 - L2Latino)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MetaTrader - EXNESS (HKLM-x32\...\MetaTrader - EXNESS) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - FXOpen (HKLM-x32\...\MetaTrader - FXOpen) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - ESN (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - ESN) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{7186392a-1a98-4844-a7a9-613401ff3f2c}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{eabee2ac-b1d9-4a98-8e85-bc5a8ebb6e95}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 72.0.2 (x64 es-ES)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
MSI Afterburner 4.6.0 Beta 9 (HKLM-x32\...\Afterburner) (Version: 4.6.0 Beta 9 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.70.7 - Black Tree Gaming)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OANDA - MetaTrader (HKLM-x32\...\OANDA - MetaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Nombre de su organización)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Advanced Micro Devices, Inc. (amdkmdap) Display  (12/06/2017 23.20.15002.11) (HKLM\...\AB86C4507336F53FACE8C9D5B08A13E242C5FFA9) (Version: 12/06/2017 23.20.15002.11 - Advanced Micro Devices, Inc.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
Pointofix (HKLM-x32\...\Pointofix_is1) (Version:  - Amerigomedia)
Questpaket 4 Update 2 Deinstallation (HKLM-x32\...\G3QP231012008_is1) (Version: 4.2.0.0 - Humanforce)
RapiCapWin 2.0.2 (HKLM-x32\...\RapiCapWin_is1) (Version: 2.0.2 - RapiCapWin.com)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.29093 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
RoboForex - MetaTrader 4 (HKLM-x32\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Samsung Tool PRO 29.5 (HKLM-x32\...\44676886-FD7F-4C53-B188-BC86EED9BBC1_is1) (Version:  - z3x-team)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.11.0 - Samsung Electronics Co., Ltd.)
SERA - El CD 2.0 (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\SERA - El CD) (Version: 2.0 - Sera GmbH)
Solid Converter v9 (HKLM-x32\...\{14CFE370-0717-44B9-BD78-88C59D91A749}_is1) (Version: 9.1.6079.1056 - Solid Documents)
Solid PDF Creator (HKLM-x32\...\{DFE70CCC-0ACB-45B7-94F4-9DC6F01B7928}_is1) (Version: 9.1.2804.1 - Solid Documents)
SolidWordAddIn (HKLM-x32\...\{ddad9751-a580-432a-a4c2-893b44e4b0ba}_is1) (Version: 9.1.6079.1056 - Solid Documents)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{0F8CCE41-B6D0-43BB-BDBA-B8DF073216DB}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{AF688AD8-21D3-4B17-9775-9955B1135DEC}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{DE620959-4E84-4FA7-97BE-A6D4048016A2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (HKLM\...\{C767CCB8-3FE7-4FA3-A01D-EFDFB5C4D1B5}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Telegram Desktop versión 1.8.8 (HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.8 - Telegram FZ-LLC)
The Elder Scrolls III: Morrowind Game of the Year Edition (HKLM-x32\...\The Elder Scrolls III: Morrowind Game of the Year Edition) (Version:  - Bethesda Softworks)
The Witcher 2 Assassins of Kings - Enhanced Edition (HKLM-x32\...\The Witcher 2 Assassins of Kings - Enhanced Edition_is1) (Version:  - )
Tom Clancys Splinter Cell Blacklist Complete MULTi14 - ElAmigos versión 1.03 (HKLM-x32\...\{D2E6B774-D720-4469-8315-37C1D75DD918}_is1) (Version: 1.03 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
vJoy Device Driver 2.1.8.38 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.8.38 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WarCraft III Complete Edition MULTi6 - ElAmigos versión 1.27b (HKLM-x32\...\{E8FA15F8-415B-43E1-A04E-A27D6734E624}_is1) (Version: 1.27b - Blizzard Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\MARCO\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://skupkav.ru/?utm_source=startlink03&utm_content=0bfd739aabc09f087131cb2df69fbefa&utm_term=CA22F2BBBE8DCDEC22046C966D20F70C&utm_d=20180106"

==================== Módulos cargados (Lista blanca) =============

2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () [Archivo no firmado] C:\Users\MARCO\AppData\Local\MEGAsync\ShellExtX64.dll
2018-03-21 00:15 - 2015-04-21 05:29 - 000143360 ____R () [Archivo no firmado] C:\Windows\system32\BrSNMP64.dll
2020-01-20 22:42 - 2020-01-20 22:39 - 000145863 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2016-02-26 15:29 - 2016-02-26 15:29 - 000004608 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2018-03-20 22:40 - 2014-06-16 15:45 - 000216007 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 000083968 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 017955328 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-20 22:40 - 2014-06-16 16:03 - 000165831 _____ (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\ControlCenter4\BrCcLSpa.dll
2018-03-21 00:15 - 2015-04-21 05:29 - 000087040 ____R (Brother Industries, Ltd.) [Archivo no firmado] C:\Windows\system32\BrNetSti.dll
2018-04-18 11:28 - 2018-01-11 11:23 - 001098183 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000003584 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\api-ms-win-core-winrt-l1-1-0.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000004096 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\api-ms-win-core-winrt-string-l1-1-0.dll
2009-08-18 11:24 - 2009-08-18 11:24 - 000167424 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2020-01-25 19:49 - 2020-01-25 19:49 - 000069337 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\Common Files\System\symsrv.dll
2018-01-14 01:00 - 2016-12-27 16:11 - 000072192 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\gatt_api.dll
2018-01-14 01:00 - 2016-12-23 13:34 - 000059392 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\GattExport.dll
2018-01-14 01:00 - 2016-09-20 14:47 - 000266752 _____ (Realtek Semiconductor Corporation) [Archivo no firmado] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LeDll.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000049664 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000029696 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000037376 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000030208 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000459776 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000236544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000275456 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 16:17 - 2015-06-25 16:17 - 000023552 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000022528 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000351744 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000021504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 16:21 - 2015-06-25 16:21 - 000374784 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 16:14 - 2015-06-25 16:14 - 001212416 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 11:58 - 2015-07-02 11:58 - 005496320 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 005804544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 16:00 - 2015-06-25 16:00 - 001061376 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 16:23 - 2015-06-25 16:23 - 003187712 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 16:28 - 2015-06-25 16:28 - 002924544 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 16:16 - 2015-06-25 16:16 - 000310784 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 16:08 - 2015-06-25 16:08 - 005444608 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 000277504 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 15:59 - 2015-06-25 15:59 - 000193024 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56977697 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56977697 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\...\1001movie.com -> 1001movie.com

Hay 6091 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-12-06 12:41 - 2020-01-30 00:19 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

2018-09-26 14:47 - 2018-09-27 15:02 - 000000437 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\adb;C:\Program Files (x86)\HP\Common\HPDestPlgIn\
HKU\S-1-5-21-1981365817-1338075218-4232470481-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está deshabilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{BED5FE45-5850-476C-A761-E795D1316A92}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A88DC9EF-F477-4BC9-B35C-A1E6E4AC38F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Puntos de Restauración =========================

29-01-2020 13:13:23 Punto de control programado
30-01-2020 08:46:17 Removed ZoneAlarm Antivirus
30-01-2020 08:47:17 Removed ZoneAlarm Firewall
30-01-2020 08:47:49 Removed ZoneAlarm Security

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ADB Interface
Description: ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: HMD Global
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android Composite ADB Interface
Description: Android Composite ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Dispositivo periférico Bluetooth
Description: Dispositivo periférico Bluetooth
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/30/2020 08:13:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: CoolSense.exe, versión: 2.2.0.41, marca de tiempo: 0x5369cc12
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x77bfb62a
Id. del proceso con errores: 0xf0c
Hora de inicio de la aplicación con errores: 0x01d5d76f08935311
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 47c2c2b4-4362-11ea-9f3f-acd1b8a31200

Error: (01/30/2020 08:12:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\MetaTrader - FXOpen\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/30/2020 08:12:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\MetaTrader 4 IC Markets\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/30/2020 08:12:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/30/2020 08:12:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\RoboForex - MetaTrader 4\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/30/2020 12:23:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: CoolSense.exe, versión: 2.2.0.41, marca de tiempo: 0x5369cc12
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.24094, marca de tiempo: 0x5abedfcd
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00063289
Id. del proceso con errores: 0x1308
Hora de inicio de la aplicación con errores: 0x01d5d72d6808813e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
Ruta de acceso del módulo con errores: C:\Windows\SysWOW64\ntdll.dll
Id. del informe: a713ed9a-4320-11ea-a6e6-acd1b8a31200

Error: (01/30/2020 12:23:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\MetaTrader 4 IC Markets\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/30/2020 12:23:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\OANDA - MetaTrader\terminal.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Errores del sistema:
=============
Error: (01/30/2020 08:14:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (01/30/2020 08:14:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Servicio de Google Update (gupdate).

Error: (01/30/2020 08:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio lirsgt no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (01/30/2020 08:12:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio atksgt no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (01/30/2020 08:12:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AODDriver4.3 no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar la ruta especificada.

Error: (01/30/2020 08:12:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.

Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126

Error: (01/30/2020 12:50:43 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/30/2020 12:24:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de Google Update (gupdate) no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2018-05-06 02:00:18.543
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica:Con acceso
Código de error:0x80501002
Descripción de error:El programa no encuentra archivos de definición que le ayuden a detectar el software no deseado. Busque actualizaciones para los archivos de definición e inténtelo de nuevo. Para obtener información para instalar actualizaciones, consulte Ayuda y soporte técnico. 
Motivo:La supervisión en tiempo real dejó de funcionar por motivos desconocidos. Reinicie el servicio para recuperarla.

CodeIntegrity:
===================================

Date: 2020-01-30 08:12:37.355
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 08:12:37.315
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 08:12:37.195
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 08:12:37.175
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 00:22:53.589
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 00:22:53.549
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 00:22:53.429
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2020-01-30 00:22:53.399
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F.44 09/20/2016
Placa base: Hewlett-Packard 808C
Procesador: AMD A10-4655M APU with Radeon(tm) HD Graphics 
Porcentaje de memoria en uso: 42%
RAM física total: 15556.64 MB
RAM física disponible: 8874.53 MB
Virtual total: 40120.81 MB
Virtual disponible: 33018.46 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:150.19 GB) (Free:10.42 GB) NTFS
Drive d: () (Fixed) (Total:781.22 GB) (Free:57.56 GB) NTFS

\\?\Volume{8ac0b762-668e-11e7-9765-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EE158A60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781.2 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hola @marcobh1

:+1::+1:

Vamos por mas!!

Paso 1: Abre tu navegador Google Chrome presionas los tres puntos a la derecha de la Barra de Direcciones >>> Mas Herramientas >>> Extensiones

Buscas:

  • CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)

  • CHR Extension: (Avira Navegación segura)

  • CHR Extension: (Avast Online Security)

  • CHR Extension: (Chrome Media Router)

Vas una a una y seleccionas Quitar

Paso 2: Luego realiza lo siguiente:

Desinstala con Revo Unistaller en su Modo Avanzado (especialmente si lo tienes pirata)

  • Cashflow 101 + 202 lite v.1.2 (HKLM-x32.…{6F652078-1622-48B7-911C-0929E0D6B636}_is1) (Version: - CFGAME.RU)

Paso 3: Continuas con:

1.- Muy Importante >>> Realizar nuevamente una copia de Seguridad de tu Registro.

  • Ejecuta DelFix desde el escritorio de Windows. (Como ya lo has hecho)
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego :

2.- Descarga a tu escritorio el archivo que te dejo adjunto fixlist.txt

fixlist.txt (4,9 KB)

  • Lo dejas con ese nombre fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

El resto ya sabes, nos traes los reportes, cualquier duda o problema lo comentas.

Salu2