Notepad.exe consume demasiada memoria

Hola, buenas tardes.

Hace poco, sospecho de que metí sin querer un virus en el ordenador y después de pasar varias veces el antivirus para que lo mire todo, no ha encontrado nada, pero aun así, sigo preocupado, pues los ventiladores del equipo se encienden más de lo normal y casualmente, cuando le doy al administrador de tareas, me encuentro con un proceso “notepad.exe” que se ejecuta con un gran consumo de ram y cpu, y cuyo proceso se encuentra en C:\Windows\notepad.exe en vez de en la ruta C:\Windows\System32\notepad.exe, que es la que se ejecuta cuando pongo en el buscador “notepad.exe”, mi pregunta es si, ese archivo puede ser un virus.

Muchas gracias

• Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

• Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?

• Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

• En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

• Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Aquí tienes

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by jesus (administrator) on DESKTOP-HI98IAD (Dell Inc. G3 3579) (15-12-2019 18:09:33)
Running from C:\Users\jesus\Desktop
Loaded Profiles: jesus (Available Profiles: jesus)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b4d3b207f636e8fa\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b4d3b207f636e8fa\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(K Desktop Environment e.V. -> ) C:\Program Files\KDE Connect\bin\dbus-daemon.exe
(K Desktop Environment e.V. -> ) C:\Program Files\KDE Connect\bin\kdeconnectd.exe
(K Desktop Environment e.V. -> ) C:\Program Files\KDE Connect\bin\kdeconnect-indicator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\jesus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [Spotify] => C:\Users\jesus\AppData\Roaming\Spotify\Spotify.exe [24274336 2019-09-13] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [GoogleChromeAutoLaunch_4BACDDACF2A38CCE7C5B066A34096BF2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-07] (Google LLC -> Google LLC)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36055952 2019-12-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2519488 2019-09-27] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [Discord] => C:\Users\jesus\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [f619a1d2] => C:\ProgramData\Intel\Wireless\e6844d2\aefgdab.exe [943784 2019-12-15] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\Common7\IDE\devenv.exe [727392 2019-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\MountPoints2: {d5dd19b0-e3bf-11e9-b760-982cbc346506} - "D:\OnePlus_setup.exe" /s
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\KDE Connect.lnk [2019-09-09]
ShortcutTarget: KDE Connect.lnk -> C:\Program Files\KDE Connect\bin\kdeconnect-indicator.exe (K Desktop Environment e.V. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {083468EB-865B-4065-A559-34DD4AD0A4B9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0987346E-CB16-421B-A62D-ADDC02540F79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09C66BF8-5731-4116-B301-832AE07CAD57} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10C7E9E2-23DD-44C1-915C-32548F014DBE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F215918-EEED-4620-B6EC-60556A3DA0E6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2DB13740-0759-4BC3-86E0-31040394D951} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [903520 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {34A20DAC-BD9F-4EAB-A234-8B953A23F795} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-22] (Google Inc -> Google LLC)
Task: {41671DBE-079F-45DF-963C-45E8EFB90382} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {560F0642-C096-45B0-B14F-92B154ACA5C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96A38AF0-C9F0-4866-A168-CD19308FDE73} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F46FE80-F744-45E4-8B69-CF701D6A4575} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0C3594B-9C58-4137-8A42-17A9C3B98004} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB2F3770-801B-43DC-9F7D-B741847A678B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C60E8E6C-9C76-4458-9D44-2B5A991BEDB0} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1519064 2019-11-23] (Dell Inc. -> Dell Inc.)
Task: {CC4B7467-6ABC-4D51-9AF0-A0B3CDF14265} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB08D270-8DF8-4AF1-A8DD-A85470739D4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-22] (Google Inc -> Google LLC)
Task: {DFF21492-344A-409E-B580-2093D01FE488} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED09DFE2-575C-4099-8C94-E25F8E017A20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3F50658-4117-4F60-86CB-A58099353969} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 172.217.22.131 jesus.mola
Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34 192.168.1.1
Tcpip\..\Interfaces\{281f89aa-88ea-4ecb-8f51-379362659311}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{59ab5ced-5139-48d5-a403-386ca461b31b}: [DhcpNameServer] 212.231.6.7 46.6.113.34 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://google.es/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.es/
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://web.telegram.org
CHR Profile: C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default [2019-12-15]
CHR Extension: (Presentaciones) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-22]
CHR Extension: (Universal Bypass) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-12-06]
CHR Extension: (Documentos) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-22]
CHR Extension: (Google Drive) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-22]
CHR Extension: (YouTube) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-22]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (ARC Welder) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2019-08-22]
CHR Extension: (Google Play Música) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2019-08-22]
CHR Extension: (Hojas de cálculo) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-22]
CHR Extension: (Vysor) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2019-08-22]
CHR Extension: (Chrometana - Redirect Bing Somewhere Better) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaicbfmipfpfpjmlbpejaoaflfdnabnc [2019-09-10]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2019-08-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (Gmail) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Extension: (Unity AssetStore) - C:\Users\jesus\AppData\Local\Google\Chrome\User Data\Default\Extensions\plhhaoeeknkjgdkdjgiiiollojlmdcak [2019-09-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-09-29] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2019-12-08] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2019-04-03] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-09-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1652312 2018-02-20] (Intel Corporation -> Intel Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-11-08] (Mixbyte Inc -> Freemake)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [870760 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [783208 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [290392 2019-04-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 MBAMInstallerService; C:\Users\jesus\AppData\Local\Temp\MBAMInstallerService.exe [5217992 2019-12-10] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-23] (Dell Inc. -> Dell Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R4 DBUtil_2_3; C:\Windows\TEMP\DBUtil_2_3.Sys [14840 2019-12-15] (Dell Inc. -> )
R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [77224 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [70568 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [399784 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [85032 2017-12-13] (Intel(R) Software -> Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123520 2018-05-02] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_1a0a783a9fea936d\ibtusb.sys [15095584 2019-05-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-08] (Malwarebytes Inc -> Malwarebytes)
S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9117688 2019-06-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\nvlddmkm.sys [22370696 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1024384 2018-04-30] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [443480 2019-07-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-15 18:09 - 2019-12-15 18:11 - 000034508 _____ C:\Users\jesus\Desktop\FRST.txt
2019-12-15 18:09 - 2019-12-15 18:10 - 000000000 ____D C:\FRST
2019-12-15 18:07 - 2019-12-15 18:07 - 002264064 _____ (Farbar) C:\Users\jesus\Desktop\FRST64.exe
2019-12-15 18:06 - 2019-12-15 18:06 - 000000000 ___HD C:\OneDriveTemp
2019-12-15 13:24 - 2019-12-15 13:25 - 003025872 _____ C:\Users\jesus\Downloads\AnyDesk (1).exe
2019-12-15 13:22 - 2019-03-19 05:45 - 000181248 _____ (Microsoft Corporation) C:\Users\jesus\Desktop\notepad.exe
2019-12-14 20:56 - 2019-12-15 14:19 - 000010269 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2019-12-14 15:19 - 2019-12-14 20:56 - 000010168 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2019-12-14 12:39 - 2019-12-14 15:19 - 000008573 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2019-12-13 21:01 - 2019-12-14 12:38 - 000009874 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2019-12-13 13:41 - 2019-12-14 12:39 - 000115406 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2019-12-13 13:41 - 2019-12-14 12:39 - 000019665 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2019-12-13 01:09 - 2019-12-13 01:09 - 025443840 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 018020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 009927992 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-13 01:09 - 2019-12-13 01:09 - 007754240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 007600448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 006516648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 006083832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 005943296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 005914112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-12-13 01:09 - 2019-12-13 01:09 - 002762296 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 002698768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-12-13 01:09 - 2019-12-13 01:09 - 002494432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 002188816 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 002147328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 002082208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-13 01:09 - 2019-12-13 01:09 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 001697280 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-12-13 01:09 - 2019-12-13 01:09 - 001664904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll

2019-12-13 01:09 -2019-12-13 01:09 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001610752 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001539584 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001512528 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-13 01:09 -2019-12-13 01:09 - 001496080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001399312 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-12-13 01:09 -2019-12-13 01:09 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-13 01:09 -2019-12-13 01:09 - 001261464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-12-13 01:09 -2019-12-13 01:09 - 001098928 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-12-13 01:09 -2019-12-13 01:09 - 001072952 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-12-13 01:09 -2019-12-13 01:09 - 001054864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000986936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000842552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000822416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-12-13 01:09 -2019-12-13 01:09 - 000797112 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000774456 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-12-13 01:09 -2019-12-13 01:09 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000674280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-13 01:09 -2019-12-13 01:09 - 000673456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-12-13 01:09 -2019-12-13 01:09 - 000646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000593128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2019-12-13 01:09 -2019-12-13 01:09 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000511000 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-12-13 01:09 -2019-12-13 01:09 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-13 01:09 -2019-12-13 01:09 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-13 01:08 -2019-12-13 01:08 - 007905000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-12-13 01:08 -2019-12-13 01:08 - 007278592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-12-13 01:08 -2019-12-13 01:08 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-12-13 01:08 -2019-12-13 01:08 - 003703296 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-12-13 01:08 -2019-12-13 01:08 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-12-13 01:08 -2019-12-13 01:08 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 01:08 -2019-12-13 01:08 - 001748480 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 01:08 -2019-12-13 01:08 - 001656600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-13 01:08 -2019-12-13 01:08 - 001451520 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2019-12-13 01:08 -2019-12-13 01:08 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-12-13 01:08 -2019-12-13 01:08 - 001066496 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-12-13 01:08 -2019-12-13 01:08 - 001006904 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-13 01:08 -2019-12-13 01:08 - 000598016 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-12-13 01:08 -2019-12-13 01:08 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-13 01:08 -2019-12-13 01:08 - 000530944 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-12-13 01:08 -2019-12-13 01:08 - 000422712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-12-13 01:08 -2019-12-13 01:08 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-12-13 01:08 -2019-12-13 01:08 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000127272 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2019-12-13 01:08 -2019-12-13 01:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2019-12-13 01:08 -2019-12-13 01:08 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2019-12-12 23:38 -2019-12-12 23:38 - 000493677 _____ C:\Users\jesus\Downloads\bloque-7-la-restauracic3b3n-borbc3b3nica-1874-1902-con-preguntas-pbau-2017.pdf
2019-12-12 21:23 -2019-12-13 00:20 - 000010277 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2019-12-12 19:37 -2019-12-12 19:54 - 000000000 ____D C:\Users\jesus\AppData\Roaming\AnyDesk
2019-12-12 19:37 -2019-12-12 19:37 - 003025872 _____ C:\Users\jesus\Downloads\AnyDesk.exe
2019-12-12 13:57 -2019-12-12 21:23 - 000010267 _____ C:\ProgramData\DisplaySessionContainer9.log_backup1
2019-12-12 11:28 -2019-12-12 13:56 - 000000000 ____D C:\Users\jesus\Desktop\TFG MARIA
2019-12-11 01:48 -2019-12-12 13:57 - 000010268 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2019-12-10 03:39 -2019-12-11 01:48 - 000011535 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2019-12-10 03:38 -2019-12-10 03:38 - 000008552 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2019-12-09 17:45 -2019-12-09 23:15 - 000011939 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2019-12-09 03:16 -2019-12-09 03:16 - 000007605 _____ C:\Users\jesus\AppData\Local\Resmon.ResmonCfg
2019-12-08 19:27 -2019-12-08 19:27 - 000000844 _____ C:\Users\jesus\Downloads\master.m3u8
2019-12-08 19:10 -2019-12-08 19:10 - 000000253 _____ C:\DelFix.txt
2019-12-08 19:10 -2019-12-08 19:10 - 000000000 ____D C:\Windows\ERUNT
2019-12-08 18:59 -2019-12-08 18:59 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-08 18:59 -2019-12-08 18:59 - 000216544 ____N (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-08 18:59 -2019-12-08 18:59 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-08 18:59 -2019-12-08 18:59 - 000000000 ____D C:\Users\jesus\AppData\Local\mbamtray
2019-12-08 18:59 -2019-12-08 18:59 - 000000000 ____D C:\Users\jesus\AppData\Local\mbam
2019-12-08 18:59 -2019-12-08 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-08 18:59 -2019-12-08 18:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-08 18:58 -2019-12-08 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-08 18:57 -2019-12-08 18:58 - 001883976 _____ (Malwarebytes) C:\Users\jesus\Downloads\MBSetup.exe
2019-12-08 18:50 -2019-12-08 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-12-08 18:49 -2019-12-08 18:49 - 000000000 ____D C:\Program Files (x86)\Dell
2019-12-03 23:33 -2019-12-03 23:33 - 000125101 _____ C:\Users\jesus\Downloads\Redacción de ingles 2 (1).pdf
2019-12-03 23:31 -2019-12-03 23:31 - 000125101 _____ C:\Users\jesus\Downloads\Redacción de ingles 2.pdf
2019-12-03 21:04 -2019-12-03 21:04 - 000125122 _____ C:\Users\jesus\Downloads\Redacción de ingles.pdf
2019-12-02 20:15 -2019-12-03 14:18 - 000011530 _____ C:\ProgramData\DisplaySessionContainer29.log_backup1
2019-12-02 14:36 -2019-12-02 20:15 - 000009892 _____ C:\ProgramData\DisplaySessionContainer28.log_backup1
2019-12-01 21:34 -2019-12-02 14:35 - 000010212 _____ C:\ProgramData\DisplaySessionContainer27.log_backup1
2019-12-01 15:27 -2019-12-01 21:34 - 000009467 _____ C:\ProgramData\DisplaySessionContainer26.log_backup1
2019-12-01 12:58 -2019-12-01 15:26 - 000009875 _____ C:\ProgramData\DisplaySessionContainer25.log_backup1
2019-11-30 21:06 -2019-12-01 12:58 - 000009482 _____ C:\ProgramData\DisplaySessionContainer24.log_backup1
2019-11-30 20:23 -2019-11-30 20:23 - 009510762 _____ C:\Users\jesus\Downloads\Nueva Evangelización Bachillerato 2015.pdf
2019-11-30 20:16 -2019-11-30 20:16 - 000349447 _____ C:\Users\jesus\Downloads\BACHILLERATO RELIGION (1).pdf
2019-11-30 20:06 -2019-11-30 20:06 - 000828426 _____ C:\Users\jesus\Downloads\BACHILLERATO RELIGION.pdf
2019-11-29 13:14 -2019-11-30 21:06 - 000011943 _____ C:\ProgramData\DisplaySessionContainer23.log_backup1
2019-11-29 00:51 -2019-11-29 13:14 - 000009474 _____ C:\ProgramData\DisplaySessionContainer22.log_backup1
2019-11-27 21:23 -2019-11-29 00:51 - 000009875 _____ C:\ProgramData\DisplaySessionContainer21.log_backup1
2019-11-27 18:43 -2019-11-27 18:43 - 000132738 _____ C:\Users\jesus\Downloads\certificadoDS.pdf
2019-11-27 01:03 -2019-11-27 21:23 - 000011851 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2019-11-26 21:20 -2019-11-27 01:03 - 000009884 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2019-11-26 16:49 -2019-11-26 16:49 - 000023970 _____ C:\Users\jesus\Downloads\LCN8CTOALOPKLAMBAGCMMG.pkpass
2019-11-26 16:42 -2019-11-26 16:42 - 000496547 _____ C:\Users\jesus\Downloads\WBX6NF.pdf
2019-11-26 13:55 -2019-11-26 21:20 - 000011538 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1
2019-11-25 23:45 -2019-11-26 13:55 - 000009484 _____ C:\ProgramData\DisplaySessionContainer17.log_backup1
2019-11-25 23:34 -2019-11-25 23:34 - 000169294 _____ C:\Users\jesus\Downloads\diedrico (2).pdf
2019-11-25 23:33 -2019-11-25 23:33 - 000160807 _____ C:\Users\jesus\Downloads\homologia (1).pdf
2019-11-25 13:10 -2019-11-25 23:45 - 000011554 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2019-11-25 12:40 -2019-11-26 17:53 - 000000000 ____D C:\Users\jesus\Desktop\maria examen udd
2019-11-25 11:45 -2019-11-25 11:45 - 000000000 ____D C:\ProgramData\Wondershare
2019-11-24 23:37 -2019-11-25 13:10 - 000010597 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2019-11-24 22:24 -2019-05-02 19:06 - 000150401 _____ C:\Users\jesus\Downloads\Exámenes Leng Cast y Lit II - A y B.pdf
2019-11-24 22:21 -2019-11-24 22:21 - 000940545 _____ C:\Users\jesus\Downloads\sel_2012_lengua_castellana.zip
2019-11-24 22:16 -2019-05-29 18:40 - 000132314 _____ C:\Users\jesus\Downloads\Exámenes Lengua Castellana y Literatura - A y B.pdf
2019-11-24 22:15 -2019-05-29 18:40 - 000123121 _____ C:\Users\jesus\Downloads\Exámenes Lengua Castellana y Literatura II - A y B.pdf
2019-11-24 22:14 -2019-04-29 19:36 - 000159716 _____ C:\Users\jesus\Downloads\Exámenes Lengua Castellana y Literatura II A y B.pdf
2019-11-24 20:57 -2019-11-24 20:57 - 002299334 _____ C:\Users\jesus\Downloads\sel_2019_lengua_castellana.zip
2019-11-24 20:34 -2019-11-24 20:34 - 000000000 ____D C:\ProgramData\ABBYY
2019-11-24 20:26 -2019-12-08 18:48 - 000000000 ____D C:\Users\jesus\AppData\Roaming\Wondershare
2019-11-24 20:26 -2019-11-24 20:26 - 000000000 ____D C:\Users\jesus\AppData\Local\Wondershare
2019-11-24 20:25 -2019-12-08 18:48 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-11-24 20:22 -2019-11-24 20:22 - 007525304 _____ C:\Users\jesus\Downloads\03 EJEMPLARIO_PRUEBAS_SELECTIVIDAD_NUEVO_MODELO.pdf
2019-11-24 14:09 -2019-11-24 14:12 - 000008575 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2019-11-24 13:50 -2019-11-24 13:50 - 000000000 ____D C:\Users\jesus\Documents\Freemake
2019-11-24 13:50 -2019-11-24 13:50 - 000000000 ____D C:\Users\jesus\AppData\Local\FreemakeVideoConverter
2019-11-24 13:50 -2019-11-24 13:50 - 000000000 ____D C:\ProgramData\Freemake
2019-11-24 13:49 -2019-11-24 13:52 - 000000000 ____D C:\Program Files (x86)\Freemake
2019-11-24 13:40 -2019-11-24 13:43 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2019-11-24 13:40 -2019-11-24 13:40 - 000000000 ____D C:\FFOutput
2019-11-22 21:43 -2019-11-23 15:14 - 000014998 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2019-11-22 21:43 -2019-11-22 21:43 - 000006647 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2019-11-22 21:17 -2019-11-22 21:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8e08544155def4b
2019-11-22 21:16 -2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf176ee2618397ab1
2019-11-22 21:16 -2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne11e324ce54d6ed4
2019-11-22 21:16 -2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0e40f42050e8e537
2019-11-22 21:15 -2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3f7a1f90d19a59b0
2019-11-22 21:15 -2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign38dd0341b5bba0a3
2019-11-22 20:45 -2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc4270ecd4fbfdfd9
2019-11-22 20:45 -2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna105c6b1a9c8e2ff
2019-11-22 20:45 -2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign51130cc9951f4e35
2019-11-22 20:44 -2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8753fa24a77997d
2019-11-22 20:44 -2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign63eb6480f1d45df5
2019-11-22 20:39 -2019-11-22 21:26 - 000000000 ____D C:\Users\jesus\Documents\arcade game
2019-11-22 20:39 -2019-11-22 20:39 - 000009673 _____ C:\Users\jesus\Downloads\arcade_pack.zip
2019-11-19 19:47 -2019-11-19 19:47 - 001319866 ____T C:\Users\jesus\Documents\Mood 2BATCH v2.arexport
2019-11-19 19:41 -2019-11-19 19:41 - 000943251 _____ C:\Users\jesus\Downloads\VID_81601116_104246_982.mp4
2019-11-19 19:22 -2019-11-19 19:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7cfcec9e19e99768
2019-11-19 19:21 -2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne5656470338b31df
2019-11-19 19:21 -2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignadd1e1eb45f23c32
2019-11-19 19:21 -2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign77a97cbc1ada9887
2019-11-19 19:21 -2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7591cd15e376a0cd
2019-11-19 19:19 -2019-11-19 19:18 - 001319836 ____T C:\Users\jesus\Documents\Mood 2BATCH.arexport
2019-11-19 19:03 -2019-11-19 19:03 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1060447544-1651597415-456183299-1001
2019-11-19 19:03 -2019-11-19 19:03 - 000002397 _____ C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-19 18:41 -2019-11-19 18:41 - 000438804 _____ C:\Users\jesus\Downloads\132106__sironboy__woman-scream.wav
2019-11-19 18:41 -2019-11-19 18:41 - 000021611 _____ C:\Users\jesus\Downloads\132106_sironboy_woman-scream (online-audio-converter.com).m4a
2019-11-19 18:23 -2019-11-19 19:46 - 000000000 ____D C:\Users\jesus\Documents\viva la vaselina
2019-11-19 18:15 -2019-11-19 18:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign2313c16371105f64
2019-11-19 18:14 -2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne29f4fba5b1641e8
2019-11-19 18:14 -2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna2d8ddaa8c31aa77
2019-11-19 18:10 -2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign50fedcb48604b9b1
2019-11-19 18:10 -2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign49903230559cc7a8
2019-11-19 18:09 -2019-11-19 18:09 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc04bc90e2f4902fc
2019-11-19 17:58 -2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9b5b88f2f91eeb46
2019-11-19 17:58 -2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign8516046bebb381b1
2019-11-19 17:57 -2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf5d7772976e34238
2019-11-19 17:57 -2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignd2c04c4d7afd8188
2019-11-19 17:57 -2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign1d30adf1293f8c07
2019-11-16 01:37 -2019-11-16 01:37 - 000097069 _____ C:\Users\jesus\Downloads\spot-chilly-noelia-lopez- (online-audio-converter.com).m4a
2019-11-16 01:21 -2019-11-17 19:13 - 000000000 ____D C:\Users\jesus\Documents\chilly prooject
2019-11-16 01:17 -2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc433084f610f1171
2019-11-16 01:17 -2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc223d269b7f4f960
2019-11-16 01:17 -2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign635478c8193246bd
2019-11-16 01:17 -2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3774c4474b099b2e
2019-11-16 01:17 -2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign09d7654c56a21cf7
2019-11-16 01:09 -2019-11-16 01:09 - 001594140 _____ C:\Users\jesus\Documents\Default IBL0000.tif
2019-11-16 01:09 -2019-11-16 01:09 - 001594006 _____ C:\Users\jesus\Documents\Default IBL.PSD
2019-11-16 01:09 -2019-11-16 01:09 - 000509594 _____ C:\Users\jesus\Documents\Capa 10001.psd
2019-11-16 01:09 -2019-11-16 01:09 - 000509594 _____ C:\Users\jesus\Documents\Capa 10000.psd
2019-11-16 01:09 -2019-11-16 01:09 - 000092656 _____ C:\Users\jesus\Documents\Capa 1 Material de extrusión - Textura por defecto0001.psd
2019-11-16 01:09 -2019-11-16 01:09 - 000092656 _____ C:\Users\jesus\Documents\Capa 1 Material de extrusión - Textura por defecto0000.psd
2019-11-16 01:09 -2019-11-16 01:09 - 000037252 _____ C:\Users\jesus\Documents\chilly.obj
2019-11-16 01:07 -2019-11-16 01:09 - 000001246 _____ C:\Users\jesus\Documents\chilly.mtl
2019-11-16 01:07 -2019-11-16 01:07 - 001594140 _____ C:\Users\jesus\Documents\Default IBL.tif
2019-11-16 01:07 -2019-11-16 01:07 - 000509594 _____ C:\Users\jesus\Documents\Capa 1.psd
2019-11-16 01:07 -2019-11-16 01:07 - 000092656 _____ C:\Users\jesus\Documents\Capa 1 Material de extrusión - Textura por defecto.psd
2019-11-16 01:05 -2019-11-16 01:05 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0158e66b3e7083f7
2019-11-16 01:04 -2019-11-16 01:04 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignfa44fd642c4c6556
2019-11-16 00:33 -2019-11-16 00:33 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9ca2dad7fb272dc5
2019-11-16 00:24 -2019-11-16 00:24 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7f0ffe4be544989a
2019-11-16 00:22 -2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna213c88cb9b52d37
2019-11-16 00:22 -2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign169b2802f9023b1b
2019-11-16 00:21 -2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8d75c306ec961dc
2019-11-16 00:21 -2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8fa389acb2632df
2019-11-16 00:15 -2019-11-16 00:15 - 000000000 ____D C:\Users\jesus\AppData\Roaming\Facebook
2019-11-16 00:15 -2019-11-16 00:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Facebook
2019-11-16 00:15 -2019-11-16 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spark AR Studio
2019-11-16 00:15 -2019-11-16 00:15 - 000000000 ____D C:\Program Files\Spark AR Studio
2019-11-16 00:12 -2019-11-16 00:14 - 387297280 _____ C:\Users\jesus\Downloads\SparkARStudio_v75.msi
2019-11-16 00:06 -2019-12-13 13:41 - 000276560 _____ C:\Windows\system32\FNTCACHE.DAT

 ==================== One month (modified) ==================

 (If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-15 18:07 -2019-08-22 00:34 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-15 18:06 -2019-10-27 20:39 - 000000000 ___SD C:\Users\jesus\Nextcloud
2019-12-15 18:06 -2019-10-27 20:34 - 000000000 ____D C:\Users\jesus\AppData\Roaming\Nextcloud
2019-12-15 18:06 -2019-08-22 00:38 - 000000000 __SHD C:\Users\jesus\IntelGraphicsProfiles
2019-12-15 18:06 -2019-08-22 00:35 - 000000000 ___RD C:\Users\jesus\OneDrive
2019-12-15 14:13 -2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-15 13:53 -2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness
2019-12-15 13:52 -2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-15 12:16 -2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2019-12-14 19:57 -2019-08-22 00:33 - 000000000 ____D C:\Users\jesus\AppData\Local\Packages
2019-12-14 13:06 -2019-08-21 22:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-12-14 12:48 -2019-08-22 00:32 - 001777788 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-14 12:48 -2019-03-19 12:59 - 000792562 _____ C:\Windows\system32\perfh00A.dat
2019-12-14 12:48 -2019-03-19 12:59 - 000157298 _____ C:\Windows\system32\perfc00A.dat
2019-12-14 12:41 -2019-03-19 05:52 - 000000000 ____D C:\Windows\Registration
2019-12-14 12:39 -2019-08-21 22:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-14 12:39 -2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2019-12-14 12:37 -2019-08-22 00:36 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 12:37 -2019-08-22 00:36 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 13:58 -2019-08-22 01:04 - 000000000 ____D C:\ProgramData\Goodix
2019-12-13 13:58 -2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2019-12-13 13:58 -2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-12-13 13:58 -2019-03-19 05:52 - 000000000 ____D C:\Windows\ServiceState
2019-12-13 13:45 -2019-08-22 00:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 13:45 -2019-08-22 00:33 - 000000000 ___RD C:\Users\jesus\3D Objects
2019-12-13 01:25 -2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources
2019-12-13 01:25 -2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences
2019-12-13 01:25 -2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr
2019-12-13 01:14 -2019-08-23 09:12 - 000000000 ____D C:\Windows\system32\MRT
2019-12-13 01:11 -2019-08-23 09:12 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-13 01:11 -2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp
2019-12-12 11:22 -2019-10-04 15:48 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-12 11:20 -2019-08-22 00:36 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-10 20:52 -2019-08-23 09:52 - 000000000 ____D C:\Users\jesus\AppData\Local\CrashDumps
2019-12-09 13:05 -2019-09-02 22:30 - 000000000 ____D C:\Users\jesus\AppData\Roaming\Telegram Desktop
2019-12-09 01:38 -2019-10-27 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE
2019-12-08 19:02 -2019-03-19 05:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-12-08 18:59 -2019-09-09 12:34 - 000000000 ____D C:\Users\jesus\AppData\Local\cache
2019-12-08 18:55 -2019-08-22 00:42 - 000000000 ____D C:\ProgramData\PCDr
2019-12-08 18:49 -2019-08-22 00:40 - 000000000 ____D C:\ProgramData\SupportAssist
2019-12-08 18:40 -2019-08-22 00:38 - 000000000 ____D C:\ProgramData\Intel
2019-12-08 13:20 -2019-08-21 22:24 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-12-03 18:54 -2019-09-09 12:33 - 000000000 ____D C:\Users\jesus\AppData\Local\kdeconnect
2019-11-29 13:01 -2019-10-29 21:02 - 000000000 ____D C:\Users\jesus\AppData\Roaming\.minecraft
2019-11-24 13:57 -2019-08-22 00:35 - 000000000 ____D C:\Users\jesus\AppData\Local\PlaceholderTileLogoFolder
2019-11-16 00:06 -2019-08-21 23:23 - 000000000 ____D C:\Windows\Panther

 ==================== Files in the root of some directories ========

2019-09-08 17:21 -2019-09-08 17:21 - 000000000 _____ () C:\Users\jesus\AppData\Local\oobelibMkey.log
2019-10-20 19:42 -2019-10-20 19:42 - 000002582 _____ () C:\Users\jesus\AppData\Local\recently-used.xbel
2019-12-09 03:16 -2019-12-09 03:16 - 000007605 _____ () C:\Users\jesus\AppData\Local\Resmon.ResmonCfg

 ==================== SigCheck ============================

 (There is no automatic fix for files that do not pass verification.)

 ==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by jesus (15-12-2019 18:12:51)
Running from C:\Users\jesus\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-21 21:26:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1060447544-1651597415-456183299-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1060447544-1651597415-456183299-503 - Limited - Disabled)
Invitado (S-1-5-21-1060447544-1651597415-456183299-501 - Limited - Disabled)
jesus (S-1-5-21-1060447544-1651597415-456183299-1001 - Administrator - Enabled) => C:\Users\jesus
WDAGUtilityAccount (S-1-5-21-1060447544-1651597415-456183299-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 3.5 - Google LLC)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Autodesk Fusion 360 (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.6508 - Autodesk, Inc.)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.200 - Dell Inc.)
Discord (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{5D2C53C5-AA9C-493F-99B6-A8F458A62EAB}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GIMP 2.10.12 (HKLM\...\GIMP-2_is1) (Version: 2.10.12 - The GIMP Team)
Git version 2.23.0.windows.1 (HKLM\...\Git_is1) (Version: 2.23.0.windows.1 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HL-L2300D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Inkscape 0.92.4 (HKLM-x32\...\Inkscape) (Version: 0.92.4 - Inkscape Project)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.369 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6860 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0210-1034-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{8b4afc00-80a1-4095-94d6-1820cb1d8306}) (Version: 21.20.1.1 - Intel Corporation) Hidden
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java SE Development Kit 8 Update 221 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180221}) (Version: 8.0.2210.11 - Oracle Corporation)
KDE Connect (HKLM-x32\...\KDE Connect) (Version: master-6baa2ff9 - KDE e.V.)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1104.625 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nextcloud (HKLM-x32\...\Nextcloud) (Version: 2.6.0.5839 - Nextcloud GmbH)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
ONLYOFFICE Desktop Editors 5.4 (HKLM\...\ONLYOFFICE Desktop Editors_is1) (Version: 5.4.2.30 - Ascensio System SIA.)
Paquete de compatibilidad redirigido de documentación de Microsoft .NET Framework 4.7.1 (español) (HKLM-x32\...\{927FF4FD-8E47-4022-8545-22FD78FBC2AB}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Adafruit Industries LLC (usbser) Ports  (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Paquete de controladores de Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Paquete de controladores de Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Paquete de controladores de Windows - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org))
Paquete de controladores de Windows - libusb-win32 (libusb0) libusb-win32 devices  (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Paquete de controladores de Windows - Linino (usbser) Ports  (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino)
Python 3.7.4 (32-bit) (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\{b66087e3-469e-4725-8b9b-f0981244afea}) (Version: 3.7.4150.0 - Python Software Foundation)
Python 3.7.4 Add to Path (32-bit) (HKLM-x32\...\{53C4AA04-FA4C-49B0-AC2E-E7134655B041}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Core Interpreter (32-bit) (HKLM-x32\...\{A56641A4-58A7-471F-A0AE-A6633F4FA2BB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Development Libraries (32-bit) (HKLM-x32\...\{4816C66E-55BF-4A8D-A5CE-FEAC36F4D192}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Documentation (32-bit) (HKLM-x32\...\{BB344FE7-A97C-44F0-BAF4-AA0C7D6359BA}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Executables (32-bit) (HKLM-x32\...\{CE095720-010D-4605-872E-EF3673551DF0}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 pip Bootstrap (32-bit) (HKLM-x32\...\{8DA900ED-69C5-41D9-8F85-416FBE1C89CB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Standard Library (32-bit) (HKLM-x32\...\{236BB597-B9C7-4084-BD77-0DCCDA0D947F}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8F959BE9-8184-4C35-AB2A-87401C0279EB}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Test Suite (32-bit) (HKLM-x32\...\{D41CCB8E-4FD1-4EBF-9790-5B2218B5C5DD}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python 3.7.4 Utility Scripts (32-bit) (HKLM-x32\...\{DE70FA71-6C2C-48C2-9B54-4049CD25154C}) (Version: 3.7.4150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D722DA3A-92F5-454A-BD5D-A48C94D82300}) (Version: 3.7.6762.0 - Python Software Foundation)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.26.328.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8642 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SmartByte Drivers and Services (HKLM\...\{CAFD2E75-129F-42AD-8258-0FC494ACBD8E}) (Version: 2.5.719 - Rivet Networks)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Spark AR Studio (HKLM\...\{2250D55F-95BD-4500-85F6-AE990BB8780E}) (Version: 75.0.22 - Facebook Inc.)
Spotify (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Spotify) (Version: 1.1.15.448.g00fba0e3 - Spotify AB)
Streamlabs OBS 0.17.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.17.1 - General Workings, Inc.)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
Ultimaker Cura 4.3 (HKLM-x32\...\Ultimaker Cura 4.3) (Version: 4.3.0 - Ultimaker)
Unity Hub 2.1.2 (HKLM\...\Unity Technologies - Hub) (Version: 2.1.2 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{108AD0F6-2878-452B-8351-2C22A7A0C355}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\7bbfb8bb) (Version: 15.9.28307.812 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Youtube-DLG versión 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)

Packages:
=========
Buscaminas simple -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMinesweeper_1.1.0.6_neutral__kx24dqmazqk8j [2019-09-30] (Random Salad Games LLC)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2019-12-08] (Dell Inc)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-08-22] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-09-30] (NVIDIA Corp.)
Video Editor Studio : Movie Maker, Flim Editor, Audio Mixer and More -> C:\Program Files\WindowsApps\64815ZMobileApps.VideoEditorStudioMovieMakerFlimEd_1.1.2.0_x64__y5q3202s7vj2w [2019-09-19] (Z Mobile Apps) [MS Ad]
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-08-22] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1060447544-1651597415-456183299-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1060447544-1651597415-456183299-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\jesus\AppData\Local\Autodesk\webdeploy\production\14a06251b3eefd57250bf554592d1052229b51bd\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-1060447544-1651597415-456183299-1001_Classes\CLSID\{ca0c9aaf-9303-4404-afb8-d2b5c7957d83} -> [Nextcloud] => C:\Users\jesus\Nextcloud [2019-10-27 20:39]
CustomCLSID: HKU\S-1-5-21-1060447544-1651597415-456183299-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1060447544-1651597415-456183299-1001_Classes\CLSID\{eb1fdd5b-8f70-4b5a-b230-998a2dc19303}\localserver32 -> C:\Program Files\KDE Connect\bin\SnoreToast.exe (K Desktop Environment e.V. -> )
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files\Nextcloud\shellext\OCOverlays.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files\Nextcloud\shellext\OCOverlays.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files\Nextcloud\shellext\OCOverlays.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files\Nextcloud\shellext\OCOverlays.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files\Nextcloud\shellext\OCOverlays.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files\Nextcloud\shellext\OCContextMenu.dll [2019-09-27] (Nextcloud GmbH -> ownCloud Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_500ef3cb43f79445\nvshext.dll [2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-08] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Unity AssetStore.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=plhhaoeeknkjgdkdjgiiiollojlmdcak
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm

==================== Loaded Modules (Whitelisted) =============

2016-10-12 00:08 - 2016-10-12 00:08 - 000124928 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000223232 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-09-29 13:34 - 2019-09-29 13:34 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-09-29 13:34 - 2019-09-29 13:34 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-09-29 13:34 - 2019-09-29 13:34 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-09-09 12:33 - 2019-08-20 13:32 - 005460472 _____ (K Desktop Environment e.V. -> The Qt Company Ltd.) [File not signed] C:\Program Files\KDE Connect\bin\Qt5Core.dll
2017-09-28 17:41 - 2017-09-28 17:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2019-03-07 09:24 - 2019-03-07 09:24 - 000102400 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-11-22 10:02 - 2019-11-22 10:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2019-09-29 13:34 - 2019-09-29 13:34 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-09-27 16:19 - 2019-09-27 16:19 - 006159480 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\Nextcloud\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-08 21:27 - 2019-12-08 21:27 - 000000849 _____ C:\Windows\system32\drivers\etc\hosts
172.217.22.131 jesus.mola

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Android;%JAVA_HOME%\bin;C:\Program Files\Git\cmd;C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 212.231.6.7 - 46.6.113.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4BACDDACF2A38CCE7C5B066A34096BF2"
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7461DEDE-30E9-4776-864E-D7DFECCC87C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DFC998A5-0E8B-497F-B6D6-68CD15EE6EDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{36CD31DC-0F58-41DE-A616-03BB6873B618}C:\users\jesus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jesus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AECF979D-05FA-4103-A332-B97C578381F6}C:\users\jesus\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jesus\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B9DCD10C-093D-4711-A4DF-91562190049B}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9C04D5DD-EA28-48FC-87E4-24D55156FBCA}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4956A484-6653-42C4-B987-2D792108A957}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{41F669DF-210B-45CA-AC6D-3D2D02D36161}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{306A9C54-2F5C-40A9-88F5-86346F63A5AA}C:\program files\java\jdk1.8.0_221\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_221\bin\java.exe
FirewallRules: [UDP Query User{9F744C3D-A90B-4011-A390-7722510E9FE4}C:\program files\java\jdk1.8.0_221\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_221\bin\java.exe
FirewallRules: [TCP Query User{AC279271-76E2-4142-95AC-99E18878523B}C:\program files\kde connect\bin\kdeconnectd.exe] => (Allow) C:\program files\kde connect\bin\kdeconnectd.exe (K Desktop Environment e.V. -> )
FirewallRules: [UDP Query User{5DDE0920-3582-4ACF-909F-FC94957D5AC6}C:\program files\kde connect\bin\kdeconnectd.exe] => (Allow) C:\program files\kde connect\bin\kdeconnectd.exe (K Desktop Environment e.V. -> )
FirewallRules: [{C482D48B-323D-486E-A630-FA5DEEB3D381}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{6A6FA8C9-1C55-4D7E-87C0-60DCA4B7B355}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{6171F59A-EE4D-4F48-B915-0B93D9572738}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{9EB695EC-D9BE-4D24-901D-CF472B77F388}] => (Allow) C:\Program Files\Unity\Hub\Editor\2018.4.9f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{783AA2BF-C5D0-4489-AE33-2DD543259A5F}] => (Block) C:\Program Files\Unity\Hub\Editor\2018.4.9f1\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{6642208F-E741-47AD-89FF-1A865E941B2A}C:\program files\unity\hub\editor\2018.4.9f1\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2018.4.9f1\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{1A53AA89-EF81-4D07-B816-CB7252E11728}C:\program files\unity\hub\editor\2018.4.9f1\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2018.4.9f1\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{D86F7C62-A952-46B4-9747-B12641292BEC}C:\program files\unity\hub\editor\2018.4.9f1\editor\data\playbackengines\androidplayer\tools\openjdk\windows\bin\java.exe] => (Allow) C:\program files\unity\hub\editor\2018.4.9f1\editor\data\playbackengines\androidplayer\tools\openjdk\windows\bin\java.exe
FirewallRules: [UDP Query User{0558A4B5-9FA7-4208-9BE3-806504A6F8C0}C:\program files\unity\hub\editor\2018.4.9f1\editor\data\playbackengines\androidplayer\tools\openjdk\windows\bin\java.exe] => (Allow) C:\program files\unity\hub\editor\2018.4.9f1\editor\data\playbackengines\androidplayer\tools\openjdk\windows\bin\java.exe
FirewallRules: [{8BA03054-8AD8-475B-BB5C-894855C5C7C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C929B263-EC90-4978-8AC8-BE188B0C2940}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5BBF930-5DF2-4D8C-BD3B-7B4908C28D66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{004D8808-881B-4992-A868-4359A11524E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5CDBC486-D728-4BB9-8A2F-B0A424E3F374}C:\program files\ultimaker cura 4.3\cura.exe] => (Allow) C:\program files\ultimaker cura 4.3\cura.exe () [File not signed]
FirewallRules: [UDP Query User{0AA97593-0BD3-4F3B-B26A-45C7E696646A}C:\program files\ultimaker cura 4.3\cura.exe] => (Allow) C:\program files\ultimaker cura 4.3\cura.exe () [File not signed]
FirewallRules: [TCP Query User{1857E12A-54D8-417B-8622-EDE789CE50CF}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{ADB2C32E-CA0B-4D83-850C-11626AF7562E}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{59D1AAA2-5B44-4AA4-9A62-EE932775C413}C:\program files\spark ar studio\v75\arstudiowindows.exe] => (Allow) C:\program files\spark ar studio\v75\arstudiowindows.exe (Facebook, Inc. -> )
FirewallRules: [UDP Query User{9818F48B-64F2-45EE-B76D-4FAA6FB45519}C:\program files\spark ar studio\v75\arstudiowindows.exe] => (Allow) C:\program files\spark ar studio\v75\arstudiowindows.exe (Facebook, Inc. -> )
FirewallRules: [{8D09D9A1-DDAD-4C42-8886-15DABA3B9CF6}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技（上海）有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{6B807BD4-9129-4ECF-BCC4-149DF42D40C2}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技（上海）有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{E043E463-A73F-4BCD-9805-288673E0ACB7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{4A43EA53-AED8-42EB-935D-77C7965748B3}C:\users\jesus\downloads\anydesk.exe] => (Allow) C:\users\jesus\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{A532B056-074A-4A7E-BD51-5CECF77E4DD5}C:\users\jesus\downloads\anydesk.exe] => (Allow) C:\users\jesus\downloads\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP Query User{54593B5F-E358-4E07-A40F-9132966F6D48}C:\users\jesus\downloads\anydesk (1).exe] => (Allow) C:\users\jesus\downloads\anydesk (1).exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{ADDF5ED5-ED3E-49D9-9A1C-4618F9FAE0B1}C:\users\jesus\downloads\anydesk (1).exe] => (Allow) C:\users\jesus\downloads\anydesk (1).exe (philandro Software GmbH -> )

==================== Restore Points =========================

21-11-2019 00:10:00 Windows Update
01-12-2019 12:36:01 Punto de control programado
08-12-2019 19:42:15 Punto de control programado
13-12-2019 01:04:02 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2019 07:48:49 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 18552 y el tamaño necesario es 38560.

Error: (12/14/2019 12:39:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5dc54d17
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.535, marca de tiempo: 0x5bd9df62
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x001135d2
Identificador del proceso con errores: 0xf88
Hora de inicio de la aplicación con errores: 0x01d5b27320cbcfcb
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll
Identificador del informe: 52c8b332-07ac-4233-b726-bf96b91f97bf
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/14/2019 12:39:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])

Error: (12/14/2019 12:39:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (12/14/2019 12:39:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (12/13/2019 01:41:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: FreemakeUtilsService.exe, versión: 1.0.0.0, marca de tiempo: 0x5dc54d17
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.535, marca de tiempo: 0x5bd9df62
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x001135d2
Identificador del proceso con errores: 0xde0
Hora de inicio de la aplicación con errores: 0x01d5b1b2a43adb03
Ruta de acceso de la aplicación con errores: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll
Identificador del informe: ed965dd1-404e-437c-a40a-d1ea9b518d97
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/13/2019 01:41:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: FreemakeUtilsService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en FreemakeUtilsService.Program.Main(System.String[])

Error: (12/12/2019 11:21:07 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 18496 y el tamaño necesario es 39848.


System errors:
=============
Error: (12/14/2019 12:39:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Freemake Improver no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/14/2019 12:39:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la conexión con el servicio Freemake Improver.

Error: (12/13/2019 02:04:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HI98IAD)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/13/2019 01:41:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Freemake Improver no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (12/13/2019 01:41:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (60000 ms) para la conexión con el servicio Freemake Improver.

Error: (12/13/2019 01:00:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (12/10/2019 09:24:26 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/10/2019 03:38:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HI98IAD)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2019-12-15 12:58:14.563
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {F8F07B5B-5E92-49AD-94D5-B145E8AC6ACF}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-12-14 20:21:48.208
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {6F0B9383-7AF0-4E76-8DE2-22CEE0D542DD}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-12-14 20:16:14.532
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {2E012846-54A4-4E30-9421-FEADFFA35E0A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-12-14 20:09:06.700
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A6B1A2A2-5236-4628-B9DF-19C341AF20F3}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-12-14 20:03:26.934
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {50105CA5-8379-4EB0-A3BF-F3ACF5C3A55D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-11-19 17:55:52.660
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2278.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-11-19 17:55:52.660
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2278.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-11-19 17:55:52.660
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2278.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-11-19 17:55:28.574
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2278.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-11-19 17:55:28.574
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2278.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

CodeIntegrity:
===================================

Date: 2019-08-22 01:44:18.356
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Installer\MSIAE66.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: Dell Inc. 1.10.0 05/23/2019
Motherboard: Dell Inc. 05K0D2
Processor: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Percentage of memory in use: 88%
Total physical RAM: 8035.27 MB
Available physical RAM: 901.52 MB
Total Virtual: 14179.27 MB
Available Virtual: 3472.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:234.76 GB) (Free:56.99 GB) NTFS

\\?\Volume{41eb5e60-dc6c-4b41-a70d-e6f52dbbf33f}\ () (Fixed) (Total:0.23 GB) (Free:0.2 GB) FAT

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

• Para hacerlo descarga Delfix en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:

Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\MountPoints2: {d5dd19b0-e3bf-11e9-b760-982cbc346506} - "D:\OnePlus_setup.exe" /s
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [f619a1d2] => C:\ProgramData\Intel\Wireless\e6844d2\aefgdab.exe [943784 2019-12-15] (AutoIt Consulting Ltd -> AutoIt Team)
C:\ProgramData\Intel\Wireless
2019-11-22 21:17 - 2019-11-22 21:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8e08544155def4b
2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf176ee2618397ab1
2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne11e324ce54d6ed4
2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0e40f42050e8e537
2019-11-22 21:15 - 2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3f7a1f90d19a59b0
2019-11-22 21:15 - 2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign38dd0341b5bba0a3
2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc4270ecd4fbfdfd9
2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna105c6b1a9c8e2ff
2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign51130cc9951f4e35
2019-11-22 20:44 - 2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8753fa24a77997d
2019-11-22 20:44 - 2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign63eb6480f1d45df5
2019-11-19 19:22 - 2019-11-19 19:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7cfcec9e19e99768
2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne5656470338b31df
2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignadd1e1eb45f23c32
2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign77a97cbc1ada9887
2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7591cd15e376a0cd
2019-11-19 18:15 - 2019-11-19 18:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign2313c16371105f64
2019-11-19 18:14 - 2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne29f4fba5b1641e8
2019-11-19 18:14 - 2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna2d8ddaa8c31aa77
2019-11-19 18:10 - 2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign50fedcb48604b9b1
2019-11-19 18:10 - 2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign49903230559cc7a8
2019-11-19 18:09 - 2019-11-19 18:09 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc04bc90e2f4902fc
2019-11-19 17:58 - 2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9b5b88f2f91eeb46
2019-11-19 17:58 - 2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign8516046bebb381b1
2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf5d7772976e34238
2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignd2c04c4d7afd8188
2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign1d30adf1293f8c07
2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc433084f610f1171
2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc223d269b7f4f960
2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign635478c8193246bd
2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3774c4474b099b2e
2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign09d7654c56a21cf7
2019-11-16 01:05 - 2019-11-16 01:05 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0158e66b3e7083f7
2019-11-16 01:04 - 2019-11-16 01:04 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignfa44fd642c4c6556
2019-11-16 00:33 - 2019-11-16 00:33 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9ca2dad7fb272dc5
2019-11-16 00:24 - 2019-11-16 00:24 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7f0ffe4be544989a
2019-11-16 00:22 - 2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna213c88cb9b52d37
2019-11-16 00:22 - 2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign169b2802f9023b1b
2019-11-16 00:21 - 2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8d75c306ec961dc
2019-11-16 00:21 - 2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8fa389acb2632df
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Unity AssetStore.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=plhhaoeeknkjgdkdjgiiiollojlmdcak
ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

• Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

• Ejecutas Frst.exe.

• Presionas el botón Fix y aguardas a que termine.

• La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema y ademas estos otros pasos adicionales.

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

• Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).

• Pulsa en el botón “Open Malewarebytes Free”.

• Presiona el botón “Scan” (Escaneo).

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

• Pulsa en “View report” (Ver informe).

• Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga Adwcleaner en el escritorio.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.

• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• Si no encuentra nada, pulsamos “Omitir Reparación”

• El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.

Hola buenas, disculpe la tardanza, aquí pego el Fixlog y ahora procedo a instalar los correspondientes programas. Gracias <3

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by jesus (21-12-2019 17:02:45) Run:1
Running from C:\Users\jesus\Desktop
Loaded Profiles: jesus (Available Profiles: jesus)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************

Start

CreateRestorePoint:

CloseProcesses:



HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\MountPoints2: {d5dd19b0-e3bf-11e9-b760-982cbc346506} - "D:\OnePlus_setup.exe" /s

HKU\S-1-5-21-1060447544-1651597415-456183299-1001\...\Run: [f619a1d2] => C:\ProgramData\Intel\Wireless\e6844d2\aefgdab.exe [943784 2019-12-15] (AutoIt Consulting Ltd -> AutoIt Team)

C:\ProgramData\Intel\Wireless

2019-11-22 21:17 - 2019-11-22 21:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8e08544155def4b

2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf176ee2618397ab1

2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne11e324ce54d6ed4

2019-11-22 21:16 - 2019-11-22 21:16 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0e40f42050e8e537

2019-11-22 21:15 - 2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3f7a1f90d19a59b0

2019-11-22 21:15 - 2019-11-22 21:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign38dd0341b5bba0a3

2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc4270ecd4fbfdfd9

2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna105c6b1a9c8e2ff

2019-11-22 20:45 - 2019-11-22 20:45 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign51130cc9951f4e35

2019-11-22 20:44 - 2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8753fa24a77997d

2019-11-22 20:44 - 2019-11-22 20:44 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign63eb6480f1d45df5

2019-11-19 19:22 - 2019-11-19 19:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7cfcec9e19e99768

2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne5656470338b31df

2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignadd1e1eb45f23c32

2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign77a97cbc1ada9887

2019-11-19 19:21 - 2019-11-19 19:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7591cd15e376a0cd

2019-11-19 18:15 - 2019-11-19 18:15 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign2313c16371105f64

2019-11-19 18:14 - 2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne29f4fba5b1641e8

2019-11-19 18:14 - 2019-11-19 18:14 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna2d8ddaa8c31aa77

2019-11-19 18:10 - 2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign50fedcb48604b9b1

2019-11-19 18:10 - 2019-11-19 18:10 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign49903230559cc7a8

2019-11-19 18:09 - 2019-11-19 18:09 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc04bc90e2f4902fc

2019-11-19 17:58 - 2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9b5b88f2f91eeb46

2019-11-19 17:58 - 2019-11-19 17:58 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign8516046bebb381b1

2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignf5d7772976e34238

2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignd2c04c4d7afd8188

2019-11-19 17:57 - 2019-11-19 17:57 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign1d30adf1293f8c07

2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc433084f610f1171

2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc223d269b7f4f960

2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign635478c8193246bd

2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign3774c4474b099b2e

2019-11-16 01:17 - 2019-11-16 01:17 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign09d7654c56a21cf7

2019-11-16 01:05 - 2019-11-16 01:05 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign0158e66b3e7083f7

2019-11-16 01:04 - 2019-11-16 01:04 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignfa44fd642c4c6556

2019-11-16 00:33 - 2019-11-16 00:33 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign9ca2dad7fb272dc5

2019-11-16 00:24 - 2019-11-16 00:24 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign7f0ffe4be544989a

2019-11-16 00:22 - 2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigna213c88cb9b52d37

2019-11-16 00:22 - 2019-11-16 00:22 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsign169b2802f9023b1b

2019-11-16 00:21 - 2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsigne8d75c306ec961dc

2019-11-16 00:21 - 2019-11-16 00:21 - 000000000 ____D C:\Users\jesus\AppData\Local\Tempzxpsignc8fa389acb2632df

ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ARC Welder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn

ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Unity AssetStore.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=plhhaoeeknkjgdkdjgiiiollojlmdcak

ShortcutWithArgument: C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]



HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END

*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-1060447544-1651597415-456183299-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5dd19b0-e3bf-11e9-b760-982cbc346506} => removed successfully
"HKU\S-1-5-21-1060447544-1651597415-456183299-1001\Software\Microsoft\Windows\CurrentVersion\Run\\f619a1d2" => removed successfully
C:\ProgramData\Intel\Wireless => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigne8e08544155def4b => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignf176ee2618397ab1 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigne11e324ce54d6ed4 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign0e40f42050e8e537 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign3f7a1f90d19a59b0 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign38dd0341b5bba0a3 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc4270ecd4fbfdfd9 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigna105c6b1a9c8e2ff => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign51130cc9951f4e35 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc8753fa24a77997d => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign63eb6480f1d45df5 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign7cfcec9e19e99768 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigne5656470338b31df => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignadd1e1eb45f23c32 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign77a97cbc1ada9887 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign7591cd15e376a0cd => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign2313c16371105f64 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigne29f4fba5b1641e8 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigna2d8ddaa8c31aa77 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign50fedcb48604b9b1 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign49903230559cc7a8 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc04bc90e2f4902fc => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign9b5b88f2f91eeb46 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign8516046bebb381b1 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignf5d7772976e34238 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignd2c04c4d7afd8188 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign1d30adf1293f8c07 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc433084f610f1171 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc223d269b7f4f960 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign635478c8193246bd => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign3774c4474b099b2e => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign09d7654c56a21cf7 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign0158e66b3e7083f7 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignfa44fd642c4c6556 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign9ca2dad7fb272dc5 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign7f0ffe4be544989a => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigna213c88cb9b52d37 => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsign169b2802f9023b1b => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsigne8d75c306ec961dc => moved successfully
C:\Users\jesus\AppData\Local\Tempzxpsignc8fa389acb2632df => moved successfully
C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\ARC Welder.lnk => Shortcut argument removed successfully
C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Play Música.lnk => Shortcut argument removed successfully
C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Unity AssetStore.lnk => Shortcut argument removed successfully
C:\Users\jesus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Vysor.lnk => Shortcut argument removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1060447544-1651597415-456183299-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1060447544-1651597415-456183299-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 87567530 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6329894 B
Edge => 1314241 B
Chrome => 938419100 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 2472643 B
systemprofile32 => 2472643 B
LocalService => 2472643 B
NetworkService => 2656827 B
jesus => 414313328 B

RecycleBin => 2643319 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:04:20 ====

Malware Bytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 21/12/19
Hora del análisis: 17:10
Archivo de registro: 603ef9f0-240c-11ea-a4d8-d8d0900a48ca.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.785
Versión del paquete de actualización: 1.0.16542
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-HI98IAD\jesus

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 309533
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 56 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.BundleInstaller, C:\USERS\JESUS\DOWNLOADS\UTORRENT.EXE, Sin acciones por parte del usuario, 493, 774106, 1.0.16542, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build:    12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-21-2019
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  35232
# Detected: 13


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT 
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT 
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C60E8E6C-9C76-4458-9D44-2B5A991BEDB0}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C60E8E6C-9C76-4458-9D44-2B5A991BEDB0}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate 
Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE 
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE 
Preinstalled.DellUpdateforWindows10   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577} 
Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS 
Preinstalled.SmartByte   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Bien, pero si no me dices como va todo, no puedo saberlo

Funciona todo correctamente, muchas gracias por haberme dedicado todo este tiempo

Para eliminar las herramientas usadas en la desinfección, realizas:

• Descargas y Ejecutas >> Delfix, en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

• Marca solamente la casilla Remove disinfection tools

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.

Me alegro de haberte podido ayudar!

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.