Notepad.exe

Buenas,

El ordenador cada vez más lento y al utilizar el administrador de tareas hay varios procesos que consumen mucha CPU hasta llegar al 100% y los más importantes son todos relacionados con el bloc de notas. Asumo que tiene que ser un virus o troyano, ya que el bloc de notas no se está usando y no debería de utilizar tanta CPU, pero no sé como eliminarlo. He probado la herramienta malwarebytes y la seguridad de window pero no lo detectan como amenaza, ayuda¡

Buenas @Juanjo_De_La_Rosa_Bl Bienvenido al Foro.!!!

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Okey, os paso el contenido:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 24/1/20
Hora del análisis: 10:34
Archivo de registro: bf67ee4c-3e8c-11ea-9696-f83441f11b79.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.793
Versión del paquete de actualización: 1.0.18178
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-TAB2J3I2\juanj

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 364627
Amenazas detectadas: 70
Amenazas en cuarentena: 69
Tiempo transcurrido: 4 min, 17 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.NewTab, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\imhlianhlhdicjchlbmbfaefhhjencbe, En cuarentena, 2330, 513814, 1.0.18178, , ame, 

Valor del registro: 6
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-834281191-308620131-98223848-1004\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|21C5FDEB, En cuarentena, 5615, 783345, 1.0.18178, , ame, 
Trojan.Agent, HKU\S-1-5-21-834281191-308620131-98223848-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3F1B33AC, En cuarentena, 475, 667268, 1.0.18178, , ame, 
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-834281191-308620131-98223848-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|51000395, En cuarentena, 5615, 783345, 1.0.18178, , ame, 
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-834281191-308620131-98223848-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|236c03d5, En cuarentena, 5615, 781622, , , , 
PUP.Optional.NewTab, HKU\S-1-5-21-834281191-308620131-98223848-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|IMHLIANHLHDICJCHLBMBFAEFHHJENCBE, En cuarentena, 2330, 513814, , , , 
PUP.Optional.NewTab, HKU\S-1-5-21-834281191-308620131-98223848-1004\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|IMHLIANHLHDICJCHLBMBFAEFHHJENCBE, En cuarentena, 2330, 513814, , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 5
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\c4eda1b, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\62a0f1d, En cuarentena, 5615, 781623, 1.0.18178, , ame, 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\969d7d4, En cuarentena, 5615, 781622, 1.0.18178, , ame, 
Trojan.Agent, C:\PROGRAMDATA\8fe9ef82, En cuarentena, 475, 667267, 1.0.18178, , ame, 

Archivo: 58
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\62A0F1D\47F92FE.AU3, En cuarentena, 5615, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\62A0F1D\KGBHCJF.EXE, En cuarentena, 5615, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\c4eda1b\22-01-2020.log, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\c4eda1b\23-01-2020.log, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\c4eda1b\2781a21, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\c4eda1b\3811c96, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\62a0f1d\pe.bin, En cuarentena, 5615, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\969d7d4\bf73736.au3, En cuarentena, 5615, 781622, 1.0.18178, , ame, 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\02-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\03-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\05-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\06-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\07-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\08-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\08-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\09-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\09-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\10-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\10-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\11-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\11-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\12-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\12-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\13-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\13-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\14-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\15-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\15-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\16-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\16-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\17-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\17-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\18-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\18-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\19-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\20-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\20-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\21-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\21-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\22-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\22-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\23-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\23-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\24-01-2020.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\24-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\26-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\30-12-2019.log, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\905aba9, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\bda47de\e530a26, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\969d7d4\pe.bin, En cuarentena, 5615, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\969d7d4\fbejefb.exe, En cuarentena, 5615, 781623, 1.0.18178, , ame, 
Trojan.Agent, C:\PROGRAMDATA\8fe9ef82\8fe9ef82test.au3, En cuarentena, 475, 667267, 1.0.18178, , ame, 
Trojan.Agent, C:\ProgramData\8fe9ef82\8fe9ef82.exe, En cuarentena, 475, 667267, , , , 
Trojan.Agent, C:\ProgramData\8fe9ef82\PE.bin, En cuarentena, 475, 667267, , , , 
Trojan.Agent, C:\ProgramData\8fe9ef82\shell.txt, En cuarentena, 475, 667267, , , , 
PUP.Optional.NewTab, C:\USERS\ALVAR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 2330, 513814, , , , 
PUP.Optional.NewTab, C:\USERS\JUANJ\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 2330, 513814, , , , 
HackTool.FilePatch, C:\PROGRAM FILES (X86)\PLAGIARISMCHECKERX\5.X.X-PATCH.EXE, Sin acciones por parte del usuario, 7583, 281135, 1.0.18178, 6FE06A0942529BF69DCE9199, dds, 00559152

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-27-2020
# Duration: 00:00:19
# OS:       Windows 10 Home
# Cleaned:  56
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\Users\alvar\AppData\Roaming\Solvusoft
Deleted       C:\Users\juanj\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Users\juanj\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (JUANJ)

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B6229EF-D166-4EF5-B76F-B687576C0A9F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B6229EF-D166-4EF5-B76F-B687576C0A9F} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA0C3519-DE70-468A-93E6-861A0B99907A} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (JUANJ)
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\Software\Wow6432Node\IObit\Driver Booster

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPAudioSwitch   Folder   C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E9DB23D-58AF-4D39-9108-10D9F1FEA38C} 
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted       Preinstalled.HPAudioSwitch   Task   C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted       Preinstalled.HPCoolSense   Folder   C:\Program Files (x86)\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Users\Administrador\AppData\Local\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Users\alvar\AppData\Local\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Users\juanj\AppData\Local\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Windows\System32\Tasks\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Registry   HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7}
Deleted       Preinstalled.HPJumpStartApps   Folder   C:\Program Files (x86)\HP\HP JUMPSTART APPS
Deleted       Preinstalled.HPJumpStartApps   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\HP JumpStart Apps
Deleted       Preinstalled.HPJumpStartBridge   Folder   C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted       Preinstalled.HPJumpStartBridge   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}
Deleted       Preinstalled.HPJumpStartLaunch   Folder   C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted       Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A34B74C6-3768-4C09-8B5C-4D6BF41D0942} 
Deleted       Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Deleted       Preinstalled.HPJumpStartLaunch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4380D813-39E5-46FD-AC23-FC9A1A8B98AA}
Deleted       Preinstalled.HPJumpStartLaunch   Task   C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Deleted       Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Administrador\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\alvar\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\alvar\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\juanj\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\juanj\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKU\S-1-5-21-834281191-308620131-98223848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKU\S-1-5-21-834281191-308620131-98223848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSureConnect   Folder   C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted       Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY
Deleted       Preinstalled.HPSureConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted       Preinstalled.HPTouchSmart   File   C:\Users\juanj\Desktop\Netflix.lnk
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7706 octets] - [27/01/2020 09:41:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by juanj (Administrator) on 27/01/2020 at  9:45:11,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/01/2020 at  9:46:55,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 26-01-2020
Ejecutado por juanj (administrador) sobre LAPTOP-TAB2J3I2 (HP OMEN by HP Laptop 15-ce0xx) (27-01-2020 09:47:44)
Ejecutado desde D:\juanj\Descargas
Perfiles cargados: juanj (Perfiles disponibles: juanj & alvar & Administrador)
Platform: Windows 10 Home Versión 1903 18362.535 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) D:\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) D:\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\OMEN Ally\HPOMNSVC.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_714bb34a8e64bfef\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a2ee347f50507237\x64\OmenCap.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe
(Huawei Technologies Co., Ltd. -> ) [Archivo no firmado] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124014.inf_amd64_2a9c1703ea940708\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124014.inf_amd64_2a9c1703ea940708\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124014.inf_amd64_2a9c1703ea940708\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Scarlet.Crush Productions) [Archivo no firmado] D:\juanj\Descargas\ScpServer\ScpServer\bin\ScpService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe
(X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [704832 2017-04-27] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [272200 2017-04-01] (SecureW2 -> SecureW2 B.V.)
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Run: [] =>  [X]
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2020-01-27] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\RunOnce: [Application Restart #0] => D:\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-servic (la entrada de datos tiene 82 más caracteres).
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\MountPoints2: {34836e52-edcd-11e9-9b61-f83441f11b79} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\MountPoints2: {b35f65a9-db75-11e7-995e-f83441f11b79} - "F:\setup.exe" 
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\MountPoints2: {b8c911a9-f340-11e9-9b64-f83441f11b79} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\MountPoints2: {e16b36a6-e1de-11e7-9961-f83441f11b79} - "G:\setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
IFEO\LogTransport2.exe: [Debugger] 0
GroupPolicy: Restricción ? <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {041D7BA3-D7E3-4C95-97E9-69378FC1363A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {055ED4A2-4BA8-4E33-AFFC-5FFC7128B49B} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {0901E0E1-1C79-4495-8A3B-56DB33CDBAB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-01] (Google Inc -> Google Inc.)
Task: {0D64B815-21AA-492A-96DD-E511E065CC52} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {11994002-0320-4FDF-ABB4-422B28CD92D3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {15B9B4AD-6B4B-4816-B439-26D3BDD319F7} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {17303864-216A-4B7F-95D5-21EE59B296D6} - System32\Tasks\[email protected]com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {1DCF4FF0-C842-479D-8418-CD14B1587421} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [31656 2019-01-24] (X-Rite Incorporated -> X-Rite Inc.)
Task: {22A703F9-F37F-48F3-97C0-4EA5984BCC35} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {266280CC-A9A7-489C-B1DB-338DBC654D8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-01] (Google Inc -> Google Inc.)
Task: {297E96C7-D04E-485B-85B4-AC54713B7D69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [147320 2019-12-19] (HP Inc. -> HP Inc.)
Task: {31FF1DBF-876E-4B0A-B83A-88DA3FD876A2} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [272200 2017-04-01] (SecureW2 -> SecureW2 B.V.)
Task: {3335AFE5-CA29-4CE9-AE55-32E49D8F3E3B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3697AFFE-D674-41D4-9674-590BBF9F9C3A} - System32\Tasks\[email protected]om => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {3BB1F6D9-AB26-4253-98BF-DDF1A66D5530} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {4D773E19-0BCA-4A46-BBB0-DFDB7AA52B41} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {509804CD-2608-48F2-B20B-3FF1666A03AE} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {55469E7D-44E2-4374-A19B-073111810464} - \HP\HP CoolSense\HP CoolSense Start at Logon -> Ningún archivo <==== ATENCIÓN
Task: {5616E424-D010-4F8E-806A-9044F015AB76} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {57E6F3E8-6F5E-4C1C-83C6-43642656D747} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {65A08EDA-346C-4D60-A520-0546A250D3E6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6866E823-ECEB-42C6-936A-60372D07681A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-834281191-308620131-98223848-1004 => C:\Users\juanj\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {6AAF9E3B-8E39-4543-8F04-7A30E649BAEC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D095411-672F-4B4F-B7D5-6C7D2BC8AEC8} - System32\Tasks\HPCeeScheduleForjuanj => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {852DE8AA-C4CB-4B7E-A65E-89EDB1654B0F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2020-01-27] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {895B8A37-1745-4ED5-9607-13919C0F9915} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8979B39C-6ED1-4A33-8310-049C1373769E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {89FA0EB0-DD9B-42F3-BE9E-F3DF298F36C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92ACF22D-EDE1-4B6B-B146-017ADB87D7D1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {93C61DF4-302A-4840-BA2A-41ECE1D6833B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2020-01-27] (Piriform Software Ltd -> Piriform Ltd)
Task: {AF4342E0-1B7A-40AB-91F6-54EBD3104946} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {B8AE268A-68E9-44A7-8BAC-A9FBD0D355FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C4D54EBE-9E94-46A9-8E11-54AF62AC1832} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C753E94B-9C8C-47F2-995B-033138A66AFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA68A61C-DFC3-4DF2-9206-E980AD1D2E8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6EA9CA0-35CD-40B5-9088-1DD4C7D122A5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E34CC1B8-F432-403B-89E8-AA4EED50F3A9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E567B558-1166-48CA-80FF-E12C3AC310AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {E84F16A0-9392-4296-BCC7-0777D9A3AA8C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED611086-3E4F-4B97-BF35-767D67263F95} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1420755-5211-43F3-B714-7DEE887752E2} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {F935078A-ADFB-4AD1-885A-A366989408D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAACF932-3237-4ECA-B60C-52467CDBED89} - System32\Tasks\OMEN Command Center BackGround Process => C:\Program Files\HP\OMEN Ally\HPOMENBG.exe [254968 2017-04-27] (HP Inc. -> )

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForjuanj.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a78ee91b-6940-4e4e-ba73-b703f03a45ca}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eeba494e-b6a3-49eb-90a7-edc009f28e27}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-834281191-308620131-98223848-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-834281191-308620131-98223848-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-834281191-308620131-98223848-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-11-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-11-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR DownloadDir: D:\juanj\Descargas
CHR HomePage: Default -> hxxp://www.ujaen.es/
CHR StartupUrls: Default -> "hxxps://www.google.es/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.hxxps://www.google.com/.com/?type=hp&ts=1446461726&z=12d7deb70b4752d9f2324fdg8zazeqaz4qag8qct7m&from=ient07031&uid=HitachiXHTS545025B9A300_100715PBN200CSGU1E9TX","hxxp://www.ujaen.es/"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Presentaciones) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-01]
CHR Extension: (Web Boost - Wait Less, Browse Faster!) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbkhnpmoamidjgbneafjipbmdfpefad [2019-10-21]
CHR Extension: (Universal Bypass) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-01-26]
CHR Extension: (Documentos) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-01]
CHR Extension: (Google Drive) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-01]
CHR Extension: (YouTube) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-01]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23]
CHR Extension: (Hojas de cálculo) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-01]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (HBO) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcdneneaagenhhkamodfmblbokcgfhda [2019-10-31]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26]
CHR Extension: (Chrome Media Router) - C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR Profile: C:\Users\juanj\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-27]
CHR Profile: C:\Users\juanj\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-27]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5708808 2018-03-29] (BattlEye Innovations e.K. -> )
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 Ds3Service; D:\juanj\Descargas\ScpServer\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Archivo no firmado]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-03-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1855976 2019-07-03] (Intel Corporation -> Intel Corporation)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4608320 2014-11-27] (SafeNet, Inc. -> SafeNet Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe [447248 2019-08-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe [445712 2019-08-15] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a2ee347f50507237\x64\OmenCap.exe [445200 2019-08-14] (HP Inc. -> HP Inc.)
R2 HPOMNSVC; c:\Program Files\HP\OMEN Ally\HPOMNSVC.exe [619000 2017-04-27] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 hpsrv; C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe [28192 2017-11-20] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe [449808 2019-08-15] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_714bb34a8e64bfef\x64\TouchpointAnalyticsClientService.exe [429008 2019-10-08] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [Archivo no firmado]
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [336384 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-24] (Malwarebytes Inc -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2020-01-02] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [91048 2019-01-24] (X-Rite Incorporated -> X-Rite Inc.)
R2 XTU3SERVICE; c:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-11-09] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53904 2019-07-22] (HP Inc. -> HP)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2017-12-16] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2019-07-03] (Intel Corporation -> Intel Corporation)
S3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2019-07-03] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-09] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-09] (Disc Soft Ltd -> Disc Soft Ltd)
S3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [402264 2019-07-03] (Intel Corporation -> Intel Corporation)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet, Inc. -> SafeNet Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [33352 2018-12-19] (HP Inc. -> HP Inc.)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [41104 2019-07-22] (HP Inc. -> HP)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-07-03] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [95632 2020-01-02] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2020-01-02] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [257528 2020-01-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 iocbios2; c:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2018-11-01] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-07-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8720672 2020-01-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_67284a4773be21e3\nvlddmkm.sys [22749640 2019-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2018-02-04] (PAIPTAC  Driver -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160488 2020-01-02] (Realtek Semiconductor Corp. -> Realtek )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [46592 2017-02-23] (Realtek Semiconductor Corp. -> Realtek)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [904656 2019-07-03] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-03-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2019-07-03] (SteelSeries ApS -> SteelSeries ApS)
S3 TabletFilter; C:\WINDOWS\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Apple, Inc.) [Archivo no firmado]
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2019-01-25] (PC Micro Systems Inc. -> Nicomsoft Ltd.)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-27 09:47 - 2020-01-27 09:48 - 000000000 ___DC C:\FRST
2020-01-27 09:46 - 2020-01-27 09:46 - 000000714 ____C C:\Users\juanj\Desktop\JRT.txt
2020-01-27 09:44 - 2020-01-27 09:44 - 000008255 ____C C:\Users\juanj\Desktop\AdwCleaner[C00].txt
2020-01-27 09:41 - 2020-01-27 09:42 - 000000000 ___DC C:\AdwCleaner
2020-01-27 09:40 - 2020-01-27 09:40 - 000010450 ____C C:\Users\juanj\Desktop\MBAM.txt
2020-01-27 09:36 - 2020-01-27 09:43 - 000000000 ____D C:\Program Files\CCleaner
2020-01-27 09:36 - 2020-01-27 09:36 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-27 09:36 - 2020-01-27 09:36 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-27 09:36 - 2020-01-27 09:36 - 000000870 ____C C:\Users\Public\Desktop\CCleaner.lnk
2020-01-27 09:36 - 2020-01-27 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-26 13:51 - 2020-01-27 09:33 - 000000000 ___DC C:\Users\alvar\AppData\LocalLow\uTorrent
2020-01-24 10:33 - 2020-01-24 10:33 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-24 10:33 - 2020-01-24 10:33 - 000002028 ____C C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-24 10:33 - 2020-01-24 10:33 - 000000000 ____D C:\Users\juanj\AppData\Local\mbamtray
2020-01-24 10:33 - 2020-01-24 10:33 - 000000000 ____D C:\Users\juanj\AppData\Local\mbam
2020-01-24 10:27 - 2020-01-24 10:27 - 000000247 ____C C:\DelFix.txt
2020-01-24 10:27 - 2020-01-24 10:27 - 000000000 ____D C:\WINDOWS\ERUNT
2020-01-22 16:12 - 2020-01-22 16:12 - 000000000 ___DC C:\cdjfa
2020-01-22 16:12 - 2019-04-24 07:05 - 000000000 ____D C:\Users\alvar\AppData\Roaming\a0062876796f14e81413b72e3ab8c385OLD
2020-01-21 18:03 - 2020-01-21 18:03 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign95c6e644c936fcc3
2020-01-21 18:03 - 2020-01-21 18:03 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign5f8c4f5335a37620
2020-01-21 18:03 - 2020-01-21 18:03 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign3898689910777ebc
2020-01-21 16:14 - 2020-01-21 16:14 - 000000000 ___DC C:\Users\alvar\Documents\Adobe
2020-01-21 16:10 - 2020-01-21 16:10 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2019.lnk
2020-01-20 19:57 - 2020-01-20 19:57 - 000001063 ____C C:\Users\alvar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InDesign.lnk
2020-01-20 19:57 - 2020-01-20 19:57 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign94d295967d0d149a
2020-01-20 19:57 - 2020-01-20 19:57 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign92375c7f43327418
2020-01-20 19:57 - 2020-01-20 19:57 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign6785c7068c72ccf8
2020-01-20 19:56 - 2020-01-20 19:56 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsignb4233cdc45688fe6
2020-01-20 19:56 - 2020-01-20 19:56 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign7d99fe72042cd3fd
2020-01-20 19:56 - 2020-01-20 19:56 - 000000000 ____D C:\Users\alvar\AppData\Local\Tempzxpsign5a26b82d188cce68
2020-01-13 18:54 - 2020-01-13 18:54 - 000000000 ____D C:\WINDOWS\Panther
2020-01-13 18:18 - 2020-01-13 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2020-01-13 18:18 - 2009-10-24 21:15 - 001332224 _____ (AD © 2009) C:\WINDOWS\SysWOW64\SYNSOEMU.DLL
2020-01-13 17:53 - 2020-01-13 17:53 - 000000000 ___DL C:\Program Files (x86)\GOG Galaxy
2020-01-13 17:52 - 2020-01-13 17:52 - 000000000 ___DL C:\Program Files (x86)\BattleScribe
2020-01-13 17:52 - 2020-01-13 17:52 - 000000000 ___DL C:\Program Files (x86)\Battle.net
2020-01-13 17:51 - 2020-01-13 17:51 - 000000000 ___DL C:\Program Files (x86)\Celtx
2020-01-13 17:06 - 2020-01-13 17:07 - 000000001 _____ C:\Users\alvar\AppData\Roaming\godlikeaudio.txt
2020-01-13 17:06 - 2020-01-13 17:06 - 000000000 ____D C:\Users\alvar\AppData\Roaming\FlowStone
2020-01-12 18:25 - 2020-01-13 18:18 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2020-01-12 17:25 - 2020-01-12 17:25 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OMEN Audio Control.lnk
2020-01-12 16:46 - 2020-01-12 16:46 - 000000000 ____D C:\Users\alvar\AppData\Roaming\PreSonus
2020-01-12 16:46 - 2020-01-12 16:46 - 000000000 ____D C:\ProgramData\PreSonus
2020-01-12 16:45 - 2020-01-12 18:25 - 000000000 ____D C:\Program Files\Common Files\Propellerhead Software
2020-01-12 16:25 - 2020-01-12 16:25 - 000000000 ____D C:\Program Files\Common Files\Steinberg
2020-01-11 19:51 - 2020-01-11 19:50 - 000001149 ____C C:\Users\juanj\Desktop\The Sinking City.lnk
2020-01-11 19:50 - 2020-01-11 19:50 - 000001213 ____C C:\Users\juanj\Desktop\Steins Gate.lnk
2020-01-11 19:50 - 2020-01-11 19:50 - 000001211 ____C C:\Users\juanj\Desktop\Sonic Adventure.lnk
2020-01-11 19:49 - 2020-01-11 19:49 - 000001062 ____C C:\Users\juanj\Desktop\Celeste.lnk
2020-01-10 19:56 - 2020-01-13 18:24 - 000000000 ____D C:\Users\alvar\AppData\Roaming\Celemony Software GmbH
2020-01-10 19:56 - 2020-01-10 19:57 - 000000000 ____D C:\Users\alvar\AppData\Roaming\Overloud
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\Users\alvar\AppData\Roaming\Cakewalk
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celemony
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\ProgramData\Celemony Software GmbH
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\Program Files\Common Files\Celemony
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\Program Files\Celemony
2020-01-10 19:56 - 2020-01-10 19:56 - 000000000 ____D C:\Program Files (x86)\Celemony
2020-01-10 19:51 - 2020-01-12 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2020-01-10 19:51 - 2020-01-12 16:15 - 000000000 ___DC C:\Cakewalk Projects
2020-01-10 19:51 - 2020-01-12 16:15 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-01-10 19:50 - 2020-01-12 16:35 - 000000000 ___DC C:\Cakewalk Content
2020-01-10 19:50 - 2020-01-12 16:34 - 000000000 ____D C:\Program Files\Cakewalk
2020-01-10 19:50 - 2020-01-12 16:15 - 000000000 ____D C:\ProgramData\Cakewalk
2020-01-10 19:40 - 2020-01-10 19:40 - 000000000 ____D C:\Users\alvar\AppData\Local\bandlab-assistant-updater
2020-01-05 18:02 - 2020-01-12 17:24 - 000000000 ____D C:\WINDOWS\LastGood
2020-01-02 09:17 - 2020-01-02 09:17 - 001086240 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter04.dll
2020-01-02 09:17 - 2020-01-02 09:17 - 001035744 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2020-01-02 09:17 - 2020-01-02 09:17 - 000026080 _____ C:\WINDOWS\system32\RstMwEventLogMsg.dll
2020-01-02 09:16 - 2020-01-02 09:16 - 000438776 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2020-01-02 09:16 - 2020-01-02 09:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-12-28 15:14 - 2019-12-28 15:14 - 000045187 ____C C:\Users\alvar\Downloads\3845e6e11afd8fc154957604135082e5-evangelion-3-0-you-can-not-redo.torrent
2019-12-28 15:13 - 2019-12-28 15:13 - 000045187 ____C C:\Users\alvar\Downloads\423084cd92c0fed23b03c52ab42a5eb3-evangelion-2-22.torrent

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-01-27 09:45 - 2017-09-19 18:55 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-01-27 09:44 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-27 09:43 - 2019-08-30 11:51 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2020-01-27 09:43 - 2019-03-19 05:37 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2020-01-27 09:43 - 2017-12-01 14:49 - 000000000 _SHDC C:\Users\juanj\IntelGraphicsProfiles
2020-01-27 09:43 - 2017-05-17 08:21 - 000000000 ___DC C:\ProgramData\HP
2020-01-27 09:42 - 2019-08-30 11:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2020-01-27 09:42 - 2019-07-03 14:13 - 000000000 ___DC C:\Users\juanj\AppData\Roaming\IObit
2020-01-27 09:42 - 2019-07-03 14:13 - 000000000 ___DC C:\ProgramData\IObit
2020-01-27 09:42 - 2018-06-04 08:18 - 000000000 ___DC C:\Users\Administrador\AppData\Roaming\Hewlett-Packard
2020-01-27 09:42 - 2018-06-04 08:09 - 000000000 ___DC C:\Users\Administrador\AppData\Local\HP
2020-01-27 09:42 - 2017-12-16 20:48 - 000000000 ___DC C:\Users\alvar\AppData\Local\Hewlett-Packard
2020-01-27 09:42 - 2017-12-07 11:34 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\Hewlett-Packard
2020-01-27 09:42 - 2017-12-02 17:55 - 000000000 ___DC C:\Users\juanj\AppData\Local\Hewlett-Packard
2020-01-27 09:42 - 2017-12-02 16:05 - 000000000 ___DC C:\Users\juanj\AppData\Roaming\Hewlett-Packard
2020-01-27 09:42 - 2017-12-01 15:45 - 000000000 ___DC C:\Users\alvar\AppData\Local\HP
2020-01-27 09:42 - 2017-12-01 14:50 - 000000000 ___DC C:\Users\juanj\AppData\Local\HP
2020-01-27 09:42 - 2017-05-17 08:23 - 000000000 ___DC C:\Program Files (x86)\HP Inc
2020-01-27 09:42 - 2017-05-17 08:21 - 000000000 ___DC C:\ProgramData\Hewlett-Packard
2020-01-27 09:42 - 2017-05-17 08:21 - 000000000 ___DC C:\Program Files (x86)\Hewlett-Packard
2020-01-27 09:42 - 2017-05-17 08:20 - 000000000 ___DC C:\Program Files (x86)\HP
2020-01-27 09:41 - 2017-12-03 15:00 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\uTorrent
2020-01-27 09:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-27 09:37 - 2017-12-09 15:17 - 000000000 ___DC C:\Users\juanj\AppData\Roaming\DAEMON Tools Lite
2020-01-27 09:37 - 2017-12-03 17:54 - 000000000 ___DC C:\Users\juanj\AppData\Local\CrashDumps
2020-01-27 09:37 - 2017-12-02 20:14 - 000000000 ___DC C:\Users\juanj\AppData\Roaming\uTorrent
2020-01-27 09:37 - 2017-12-02 16:33 - 000000000 ___DC C:\Program Files (x86)\Steam
2020-01-27 09:34 - 2019-11-20 18:32 - 000000000 ____D C:\Users\alvar\AppData\Roaming\Spotify
2020-01-27 09:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-27 09:33 - 2019-11-20 18:33 - 000000000 ____D C:\Users\alvar\AppData\Local\Spotify
2020-01-27 09:33 - 2019-06-03 21:23 - 000000000 ___DC C:\Users\alvar\AppData\Local\BitTorrentHelper
2020-01-27 09:33 - 2017-12-01 15:45 - 000000000 _SHDC C:\Users\alvar\IntelGraphicsProfiles
2020-01-27 01:46 - 2019-08-30 11:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-27 01:28 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-26 22:02 - 2019-07-03 14:26 - 000000000 ___DC C:\Program Files (x86)\Driver Booster
2020-01-26 16:21 - 2017-12-03 15:45 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\vlc
2020-01-24 15:21 - 2017-12-07 11:30 - 000000000 ___DC C:\Users\alvar\AppData\Local\CrashDumps
2020-01-24 11:13 - 2019-08-30 11:41 - 001983730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-24 11:13 - 2019-03-19 12:59 - 000865572 _____ C:\WINDOWS\system32\perfh00A.dat
2020-01-24 11:13 - 2019-03-19 12:59 - 000192770 _____ C:\WINDOWS\system32\perfc00A.dat
2020-01-24 11:04 - 2017-12-11 15:13 - 000000364 ____C C:\WINDOWS\Tasks\HPCeeScheduleForjuanj.job
2020-01-24 10:44 - 2019-08-30 11:42 - 000000000 ____D C:\Users\Administrador
2020-01-24 10:34 - 2019-12-21 15:06 - 000000000 ____D C:\Users\juanj\AppData\Local\cache
2020-01-24 10:33 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-24 10:33 - 2018-07-19 11:10 - 000153312 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-23 20:06 - 2019-08-30 11:51 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForjuanj
2020-01-23 13:28 - 2019-10-14 09:08 - 000000000 ___DC C:\Users\juanj\Desktop\TFM2
2020-01-23 13:24 - 2019-01-26 19:41 - 000000000 ___DC C:\Users\juanj\AppData\Local\Microsoft Help
2020-01-23 13:24 - 2018-01-10 00:57 - 000000000 ___DC C:\Users\juanj\AppData\Local\Packages
2020-01-23 09:24 - 2018-05-28 21:04 - 000000000 ___DC C:\Users\juanj\AppData\Local\D3DSCache
2020-01-23 09:15 - 2017-12-01 14:52 - 000002308 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 16:12 - 2018-11-27 20:13 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\a0062876796f14e81413b72e3ab8c385
2020-01-21 18:03 - 2018-11-09 19:19 - 000000000 __RDC C:\Users\alvar\Creative Cloud Files
2020-01-21 18:03 - 2018-11-09 19:15 - 000000000 ___DC C:\Users\alvar\AppData\Local\Adobe
2020-01-21 16:14 - 2018-10-28 14:00 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\Adobe
2020-01-21 16:14 - 2018-05-20 11:12 - 000000000 ___DC C:\Users\alvar\AppData\Local\D3DSCache
2020-01-21 16:10 - 2018-11-09 19:23 - 000000000 ___DC C:\Program Files\Adobe
2020-01-21 16:10 - 2018-01-15 19:27 - 000000000 ___DC C:\Program Files\Common Files\Adobe
2020-01-20 19:58 - 2018-11-09 19:18 - 000001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2020-01-20 15:38 - 2017-12-11 15:13 - 000000000 ___DC C:\Users\juanj\AppData\Local\HP_Inc
2020-01-20 09:14 - 2017-12-01 15:33 - 000000000 ___DC C:\Users\juanj\AppData\Local\PackageStaging
2020-01-20 09:12 - 2017-12-23 19:35 - 000000000 ___DC C:\Users\alvar\AppData\Local\HP_Inc
2020-01-19 14:36 - 2019-10-03 14:53 - 000002400 ____C C:\Users\alvar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 14:36 - 2019-08-30 11:51 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-834281191-308620131-98223848-1004
2020-01-19 14:36 - 2017-12-01 15:47 - 000000000 __RDC C:\Users\alvar\OneDrive
2020-01-18 19:20 - 2019-08-29 13:11 - 000000000 ___DC C:\Users\juanj\Documents\PlagiarismCheckerX
2020-01-13 20:50 - 2019-08-30 11:42 - 000000000 ____D C:\Users\alvar
2020-01-13 18:08 - 2018-01-10 00:57 - 000000000 ___DC C:\Users\alvar\AppData\Local\Packages
2020-01-13 18:05 - 2019-06-05 07:19 - 000000000 ___DC C:\ProgramData\X-Rite
2020-01-13 18:01 - 2018-01-08 16:05 - 000000000 ___DC C:\ProgramData\GOG.com
2020-01-13 18:00 - 2019-06-05 07:19 - 000000000 ___DC C:\Program Files (x86)\X-Rite
2020-01-13 17:50 - 2018-07-12 13:51 - 000000000 ___DC C:\Program Files (x86)\Image-Line
2020-01-12 18:31 - 2018-07-12 14:02 - 000000000 ___DC C:\Program Files\Common Files\VST2
2020-01-12 18:25 - 2018-07-12 14:01 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2020-01-12 18:25 - 2018-07-12 14:01 - 000000000 ___DC C:\Program Files\Image-Line
2020-01-12 17:25 - 2017-09-19 18:53 - 003785100 ____C C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2020-01-12 17:24 - 2017-09-19 18:53 - 000000000 ___DC C:\WINDOWS\SysWOW64\RTCOM
2020-01-12 17:23 - 2018-02-17 12:14 - 000000000 ___DC C:\Users\alvar\AppData\Local\ElevatedDiagnostics
2020-01-12 17:13 - 2019-08-30 11:39 - 000994784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-12 16:35 - 2018-03-25 16:38 - 000000000 ___DC C:\ProgramData\eLicenser
2020-01-12 16:35 - 2018-03-25 16:38 - 000000000 ___DC C:\Program Files (x86)\eLicenser
2020-01-12 16:25 - 2018-03-25 16:38 - 000000000 ___DC C:\Users\alvar\AppData\Roaming\Steinberg
2020-01-10 19:56 - 2017-05-17 08:21 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
2020-01-10 19:51 - 2017-05-17 08:19 - 000000000 ___DC C:\ProgramData\Package Cache
2020-01-09 13:36 - 2018-05-19 08:23 - 000000000 ___DC C:\Users\juanj\AppData\Roaming\Adobe
2020-01-09 13:36 - 2017-12-02 17:01 - 000000000 ___DC C:\Users\juanj\AppData\Local\NVIDIA
2020-01-02 09:18 - 2019-07-03 14:36 - 001160488 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-01-02 09:17 - 2019-07-03 14:35 - 008720672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw04.sys
2020-01-02 09:16 - 2019-07-03 14:37 - 000257528 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2020-01-02 09:15 - 2019-07-03 14:33 - 000185232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys
2020-01-02 09:15 - 2019-07-03 14:33 - 000095632 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_GPIO2.sys
2019-12-28 02:47 - 2019-10-18 11:30 - 000000000 ___DC C:\games

==================== Archivos en la raíz de algunos directorios ========

2018-05-17 21:40 - 2018-05-17 21:57 - 000000033 ____C () C:\Users\juanj\AppData\Roaming\AdobeWLCMCache.dat
2018-09-29 22:29 - 2018-11-08 19:28 - 000000820 ____C () C:\Users\juanj\AppData\Local\oobelibMkey.log
2019-08-29 13:05 - 2019-08-29 13:05 - 000000362 ____C () C:\Users\juanj\AppData\Local\winconf.pxt

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 26-01-2020
Ejecutado por juanj (27-01-2020 09:49:01)
Ejecutado desde D:\juanj\Descargas
Windows 10 Home Versión 1903 18362.535 (X64) (2019-08-30 10:51:51)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

05480EC44294445DB338 (S-1-5-21-834281191-308620131-98223848-1005 - Limited - Enabled)
Administrador (S-1-5-21-834281191-308620131-98223848-500 - Administrator - Disabled) => C:\Users\Administrador
alvar (S-1-5-21-834281191-308620131-98223848-1004 - Administrator - Enabled) => C:\Users\alvar
DefaultAccount (S-1-5-21-834281191-308620131-98223848-503 - Limited - Disabled)
Invitado (S-1-5-21-834281191-308620131-98223848-501 - Limited - Disabled)
juanj (S-1-5-21-834281191-308620131-98223848-1001 - Administrator - Enabled) => C:\Users\juanj
juanz (S-1-5-21-834281191-308620131-98223848-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-834281191-308620131-98223848-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-834281191-308620131-98223848-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
Actualización de NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Adobe Bridge CC 2019 (HKLM-x32\...\KBRG_9_0_2) (Version: 9.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1) (Version: 13.1 - Adobe Systems Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Bitsonic Keyzone Classic 1.0 (HKLM\...\{88888ED7-TBF6-9E32-C2C5-KF14615389C8}_is1) (Version: 1.0 - Bitsonic LP)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Celeste MULTi9 - ElAmigos versión 1.2.1.5 (HKLM-x32\...\{61139CD9-ED38-4C39-8690-059314E76702}_is1) (Version: 1.2.1.5 - Matt Makes Games Inc.)
Celtx (2.7) (HKLM-x32\...\Celtx (2.7)) (Version: 2.7 (en-US) - Greyfirst)
Centro de Mouse y Teclado de Microsoft (HKLM\...\{062AC796-601D-4DA6-90CE-62683A8879F6}) (Version: 3.2.116.0 - Microsoft Corporation) Hidden
Centro de Mouse y Teclado de Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Chrome Remote Desktop Host (HKLM-x32\...\{EF08968E-F7E7-43EA-95B1-1E8ACC8CC459}) (Version: 80.0.3987.18 - Google Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Disco Elysium (HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Disco Elysium) (Version:  - HOODLUM)
Driver Booster (HKLM-x32\...\IObit Driver Booster Pro 5.2.0.686) (Version:  - )
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher (HKLM-x32\...\{E08307F5-A379-4B17-9951-0AA9A8ED0A3B}) (Version: 1.1.147.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ePSXe - Dr.Emuler Retail 1.9.1 Ultra (HKLM-x32\...\ePSXe - Dr.Emuler Retail 1.9.1 Ultra) (Version:  - )
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FINAL FANTASY 7 CRISIS CORE ESPAÑOL 1.00 (HKLM-x32\...\FINAL FANTASY 7 CRISIS CORE ESPAÑOL 1.00) (Version: 1.00 - Company)
Final Fantasy X and X-2 HD Remaster MULTi8 - ElAmigos versión 1.0 (HKLM-x32\...\{F201A6CA-7FD9-406F-937D-F621E2C9DF84}_is1) (Version: 1.0 - Square Enix)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 3.2.3 - GOG.com)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HP 3D DriveGuard (HKLM-x32\...\{D3D0E6C5-4B65-4088-A5A9-A7DF27DB5D1A}) (Version:  - )
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{AC154691-D9B6-4CD9-BB9B-ACDAF61367E5}) (Version: 2.22.1 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{2FC69222-01B3-479E-80E6-0AFC593A312A}) (Version: 1.4.23 - HP Inc.)
Intel XTU SDK (HKLM-x32\...\{B84D59E6-845D-45EE-9EA3-63146ACFAFA3}) (Version: 1.0.1 - HP Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F37FC682-CF30-4432-A58D-4FEC05A17CFB}) (Version: 19.50.0 - Intel Corporation)
Keep Talking and Nobody Explodes 1.1.4 (HKLM-x32\...\Keep Talking and Nobody Explodes 1.1.4) (Version: 1.1.4 - Steel Crate Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Mp3tag v2.96 (HKLM-x32\...\Mp3tag) (Version: 2.96 - Florian Heidenreich)
Night in the Woods (HKLM-x32\...\Night in the Woods_is1) (Version:  - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.20 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OMEN Command Center (HKLM\...\{B13CB0A1-4411-404C-A7DB-BB1441B089EC}) (Version: 1.1.46 - HP Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Owlboy - ElAmigos versión 1.3.6513.28849 (HKLM-x32\...\{F9C42594-D2A9-4F3E-8880-26C503381DC1}_is1) (Version: 1.3.6513.28849 - D-Pad Studio)
Panel de control de NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Plagiarism Checker X (HKLM-x32\...\{C38DC559-A1B7-4D9C-9E77-E954099E7CC8}) (Version: 5.1.4 - Plagiarism Checker X, LLC) Hidden
Plagiarism Checker X (HKLM-x32\...\Plagiarism Checker X 5.1.4) (Version: 5.1.4 - Plagiarism Checker X, LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.149 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
SecureW2 Enterprise Client 3.5.17 (HKLM-x32\...\SecureW2 Enterprise Client) (Version:  - )
SharpKeys (HKLM-x32\...\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}) (Version:  - )
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
SONIC ADVENTURE DX-Director's Cut (HKLM-x32\...\SONICADVDX) (Version:  - )
Sparkol VideoScribe (HKLM-x32\...\{031D2992-63D1-4BE2-841A-32C44849695B}) (Version: 2.3.7006 - Sparkol) Hidden
Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 2.3.7006) (Version: 2.3.7006 - Sparkol)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB)
Star Wars Jedi Fallen Order (HKLM-x32\...\Star Wars Jedi Fallen Order_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.30 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
The Sinking City Necronomicon Edition MULTi15 - ElAmigos versión 1.0 (HKLM-x32\...\{0506F651-A1D9-417D-BB3F-35A9254A48CE}_is1) (Version: 1.0 - Bigben Interactive)
The Walking Dead A New Frontier Episode 5 (HKLM-x32\...\The Walking Dead A New Frontier Episode 5_is1) (Version:  - )
Thronebreaker The Witcher Tales (HKU\S-1-5-21-834281191-308620131-98223848-1001\...\Thronebreaker The Witcher Tales) (Version:  - HOODLUM)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-4) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Recoverit(Build 8.2.1.9) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.2.1.9 - Wondershare Software Co.,Ltd.)
X-Rite Device Services Manager (HKLM\...\{95158828-CB92-4CD2-B85C-1B280CC6167D}) (Version: 3.1.7.6 - X-Rite)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-09-19] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.587.0_x64__v10z8vjag6ke6 [2020-01-19] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-29] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Studios)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-12-01] (Plex)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.5.0_neutral__egxr34yet59cg [2019-05-28] (Paddy Xu) [Startup Task]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-834281191-308620131-98223848-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-A43BC09A5A85} -> [Creative Cloud Files] => C:\Users\juanj\Creative Cloud Files [2018-05-17 21:40]
CustomCLSID: HKU\S-1-5-21-834281191-308620131-98223848-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-834281191-308620131-98223848-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki124014.inf_amd64_2a9c1703ea940708\igfxDTCM.dll [2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\juanj\Desktop\FINAL FANTASY 7 CRISIS CORE.lnk -> D:\Games\FINAL FANTASY 7 CRISIS CORE ESPAÑOL\fer.bat ()
ShortcutWithArgument: C:\Users\juanj\Desktop\HBO.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mcdneneaagenhhkamodfmblbokcgfhda
ShortcutWithArgument: C:\Users\juanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  
ShortcutWithArgument: C:\Users\juanj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\HBO.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mcdneneaagenhhkamodfmblbokcgfhda
ShortcutWithArgument: C:\Users\juanj\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f8d41f122ed2061d\Google Chrome.lnk -> D:\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos cargados (Lista blanca) =============

2019-01-24 19:20 - 2019-01-24 19:20 - 002633728 ____C () [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 001664512 ____C () [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 001502208 ____C (X-Rite Inc.) [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1iO.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 003962368 ____C (X-Rite Inc.) [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Pro.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 002359296 ____C (X-Rite) [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\i1isis\EyeOne_iSis.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 001019392 ____C (X-Rite) [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll
2019-01-24 19:20 - 2019-01-24 19:20 - 004127232 ____C (X-Rite) [Archivo no firmado] C:\Program Files (x86)\X-Rite\Devices\i1Studio\i1Studio.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\alvar\AppData\Local\j2k1jeusnB3sr:zsRurMz1zgUU9VXAzK [2166]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2017-03-18 22:03 - 2018-07-19 11:13 - 000001075 ____C C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 securepubads.g.doubleclick.net
0.0.0.0 www.googletagservices.com
0.0.0.0 gads.pubmatic.com
0.0.0.0 ads.pubmatic.com
0.0.0.0 spclient.wg.spotify.com
0.0.0.0                   telemetry.malwarebytes.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Pro
HKU\S-1-5-21-834281191-308620131-98223848-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\juanj\Desktop\hollow-knight.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SecureW2 Tray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\StartupFolder: => "GoogleDrive.lnk"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\StartupFolder: => "google.lnk"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-834281191-308620131-98223848-1001\...\StartupApproved\Run: => "3f1b33ac"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{2A11FB55-00F2-4BFD-8EDB-A4461FDD573E}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Update.exe (Plagiarism Checker X, LLC -> Plagiarism Checker X, LLC)
FirewallRules: [{1A2A2E08-1166-478E-BC5B-64D018E29887}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Plagiarism Checker X.exe (Plagiarism Checker X, LLC -> Plagiarism Checker X, LLC) [Archivo no firmado]
FirewallRules: [{9AFD5C68-6A2E-47DF-BE18-00A58FA175A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0AF4C98C-3834-47F9-8289-45AECB0E1630}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{CEE88ECF-84CA-4617-AC6A-5D1EBDE90B89}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Block) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{7C2D3898-1ED8-45F1-85CC-654E1EFBD270}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Block) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E2F26807-D18B-4F6E-A7FE-90C0E3444313}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Archivo no firmado]
FirewallRules: [{E796D3A7-73FD-41DA-BCB4-5540124EC571}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Archivo no firmado]
FirewallRules: [{223A1196-2D8E-49A0-A942-0F2839CEA495}] => (Allow) C:\Program Files (x86)\Driver Booster\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{04DD07B8-B779-4A29-AF3E-774ADB45BCCC}] => (Allow) C:\Program Files (x86)\Driver Booster\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{B42D7CBF-4547-49FC-851A-4DEFE6A10D6F}] => (Allow) C:\Program Files (x86)\Driver Booster\DriverBooster.exe (IObit Information Technology -> IObit) [Archivo no firmado]
FirewallRules: [{6884AFD3-4316-4D76-A403-91AB8454C682}] => (Allow) C:\Program Files (x86)\Driver Booster\DriverBooster.exe (IObit Information Technology -> IObit) [Archivo no firmado]
FirewallRules: [{6E551B96-A889-4928-808C-7DACDEE12E16}] => (Allow) C:\WINDOWS\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [{0E5C1266-6D5B-408B-9EDF-FBF25055BA3F}] => (Allow) LPort=5454
FirewallRules: [UDP Query User{8DD96EF4-7C66-4511-843C-92DE7C7E42B1}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{161DB194-B04E-4ECE-9D8A-98DD0F93A79D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8BCBF72A-343F-4B58-A73E-1D6D82BBC37D}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Allow) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{77478C5F-E167-4029-B590-37684C5B109C}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Allow) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{1791B272-7983-473B-B2EC-715FA686BBBC}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Block) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{3FEE7A58-AFE8-4430-BBF0-C67600B688EA}C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe] => (Block) C:\users\alvar\appdata\roaming\utorrent\updates\3.5.5_45231.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E95BCC9F-564B-4BD2-85BA-EE4C72D7F7B4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{8DB7FBE4-A694-427B-A973-8B92B8F47011}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8721EAB-26EA-48C2-8B2F-C647D9838F6D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAB75B39-2C0F-4D7A-96C3-13FF60F313CE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFB3AEB3-4800-45D7-9B75-2D3A6D3E9043}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EEBDCFB-35F2-4B5B-AD2C-00920CD04A7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40C5423B-63E4-4489-9245-37CC46CD369A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D503FE49-195C-4AE4-8D35-DDE021E08989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D26F5577-BA59-4B38-940D-6F879E8BECE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{FBC8F6EB-CADF-4F57-B191-847A9D63C9AF}D:\google\chrome\application\chrome.exe] => (Allow) D:\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{6965F7B9-AA0B-4219-9A85-2C96BECA5366}D:\google\chrome\application\chrome.exe] => (Allow) D:\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{BF978E3C-8720-4B0D-AA62-0E7C2F202312}D:\google\chrome\application\chrome.exe] => (Allow) D:\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E602D2E8-C401-4946-BF2B-5F7030F9970F}D:\google\chrome\application\chrome.exe] => (Allow) D:\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{6C36B5BA-A74D-4844-8311-567EC5661674}C:\users\juanj\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juanj\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{B909E08F-6D7B-4E37-8507-CCEF51F2E54B}C:\users\juanj\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\juanj\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{61326E8A-840E-43DA-80AD-25536FCACB99}C:\users\alvar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alvar\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1F7173F0-260E-46C0-9807-EE4D2E911ED8}C:\users\alvar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alvar\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{59E1289C-1DFD-42F9-9582-9CB5FBBDE5C8}C:\users\juanj\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\juanj\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{26B046ED-F848-4762-A2B3-5FC3F3C9FD03}C:\users\juanj\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\juanj\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{30428288-2C07-45D0-B458-72AD760323A8}C:\users\juanj\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\juanj\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{308C8159-0B6D-447E-8965-FE47AF262F7C}C:\users\juanj\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\juanj\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{78F55213-AB99-4B02-81FF-77C0E2FE3AFE}] => (Allow) C:\Users\alvar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B9CD32AF-859D-46D2-91B1-07FCE38185F3}] => (Allow) C:\Users\alvar\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4998C32C-070D-444A-86C2-262160F30237}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4244919A-E1F6-4E2B-B468-B6C54168B64E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC9ADB04-AB4D-43E7-8165-A93277B08117}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBFFC25B-8484-42CB-97C8-B42657F556D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{16D35E2B-3CDE-4752-98A9-B4B4356851FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F03EABB9-940D-46B9-9329-A1EE5FB7E2CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3336BAE-0544-4D47-952D-B1425922A04F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5BB281C0-0501-45D7-8244-5C0194CE3D26}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A966D00-2D26-4AE5-89F7-5402D064F693}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E62A7ECA-FCD6-4ADA-8FC5-CC9E5BD22FE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{47E9DC74-5BCB-4A6E-B5DB-BFB1CCB37839}C:\users\alvar\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\alvar\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{639BB4B7-CE32-45F8-ACD5-6B3D0C10FE72}C:\users\alvar\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\alvar\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8363C024-F0DF-49A2-9B20-E6AEE2263E2A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F1B883BE-5EA6-45D2-B391-0C1E003F7D91}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E5C47A03-0447-466C-B742-4CD27413B844}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9403EB0A-2A3B-4462-A9C0-E4D63550F03C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8734F4C8-0322-4D28-AAD3-B6C256AA365C}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Archivo no firmado]
FirewallRules: [UDP Query User{9E97FE97-83BD-4A41-8176-01F8263857EE}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Archivo no firmado]
FirewallRules: [{DE218761-958B-4F07-AF0F-67898D8016F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE5A8835-0BAD-4F3D-A829-FEFDB4A97D70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{111F3871-3A63-492A-9B68-DC53CF26D598}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{736CDE19-62D6-4582-AA9E-136B90EDBC44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{402AD5EB-0436-4522-878A-178729F1C65F}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Archivo no firmado]
FirewallRules: [UDP Query User{39F27067-942A-4BD9-957A-DC35940CAB8C}D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Allow) D:\games\star wars jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Archivo no firmado]
FirewallRules: [{D0D82BAE-0CEF-4597-87E8-1CB755846CA1}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Archivo no firmado]
FirewallRules: [{063AA6F4-15A8-4DBE-B83A-D3B442A326C6}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Archivo no firmado]
FirewallRules: [{6DDE8F08-81D6-4B2F-B028-E830C7C56734}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{E344EAB1-61A7-413C-95C6-C64BD141D2DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

27-01-2020 09:45:11 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/27/2020 09:43:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IntelAudioService.exe, versión: 1.0.152.0, marca de tiempo: 0x5bd0d480
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00007ffd0b791aae
Identificador del proceso con errores: 0x1250
Hora de inicio de la aplicación con errores: 0x01d5d4ede4112827
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: ddf827fe-d629-479c-a8a1-dc704fd1afc9
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/27/2020 09:43:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IntelAudioService.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.NullReferenceException

Error: (01/27/2020 09:42:49 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (01/27/2020 09:41:49 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16448,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/27/2020 09:36:23 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/27/2020 01:33:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12440,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/27/2020 01:10:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18748,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/26/2020 11:58:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10368,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (01/27/2020 09:45:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Comm Recovery no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (01/27/2020 09:45:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/27/2020 09:45:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (01/27/2020 09:43:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/27/2020 09:43:16 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/27/2020 09:43:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/27/2020 09:43:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/27/2020 09:43:04 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TAB2J3I2)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2020-01-24 10:06:10.297
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {46E01D89-CB5F-430A-A8E5-F9D4D100487B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-23 13:14:48.318
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A26A360D-97DE-49DE-B29E-741172A1195E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-23 12:25:02.497
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4E3FA42B-D267-471D-A93A-7EFDF861DDC6}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-23 12:13:24.601
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {FAD4AF19-0586-4A62-AEE1-609EFE1DB231}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-01-22 11:49:28.850
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {93B19679-2D8E-4CE6-8710-8A6DBAAF9487}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2020-01-25 13:28:24.051
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_67284a4773be21e3\nvdlistx.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-01-24 11:03:17.213
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 11:03:12.351
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 11:03:11.103
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 10:53:32.251
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 10:53:31.554
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 10:52:30.461
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-24 10:52:28.200
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F.19 04/18/2019
Placa base: HP 838F
Procesador: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Porcentaje de memoria en uso: 27%
RAM física total: 12170.65 MB
RAM física disponible: 8822.33 MB
Virtual total: 14026.65 MB
Virtual disponible: 10134.3 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:26.71 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.33 GB) (Free:465.84 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:14.18 GB) (Free:1.47 GB) NTFS ==>[sistema con componentes de arranque (obtenido de unidad)]

\\?\Volume{c3d185ac-0b9c-4057-8539-c8bdbb34e352}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.29 GB) NTFS
\\?\Volume{b0ea20ed-68a2-421b-a981-ca6b26eba600}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 266283E0)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B61C2FC7)

Partition: GPT.

==================== Final de Addition.txt =======================

Hola.

Faltaría que comentases como sigue el problema inicialmente planteado…??

Buenas, la verdad es que no me ha vuelto a pasar, pero el archivo notepad.exe sigue estando en la carpeta C:\Windows, es decir, el archivo al cual me mandaban si en el administrador de tareas, en el proceso, le daba a ubicación de archivo. No sé si es que está como archivo residual, o solo está a la espera de volver a activarse…

Hola.

Efectivamente, ese archivo esta ahí y debe seguir estando, es un archivo legitimo de windows y también lo tendrás en C:\Windows\system32\

La infección que tenias lo usaba, pero ese archivo NO es la infección en si misma, donde se ubicaba la infección y YA fue totalmente eliminada por Malwarebytes era aquí :

Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\969d7d4

En esa carpeta y otras similares que había en su interior.



Perfecto @Juanjo_De_La_Rosa_Bl :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.

1 me gusta