PC en rebelión. Ayuda!

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por User (administrador) sobre OWNER-PC (LENOVO 4334) (11-04-2020 10:07:57)
Ejecutado desde C:\Users\User\Desktop
Perfiles cargados: User (Perfiles disponibles: postgres & User)
Platform: Windows 10 Home Versión 1903 18362.418 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Modo de Inicio: Safe Mode (with Networking)
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [134416 2007-04-11] (Logitech -> Logitech Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-09-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-11-21] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [33792 2003-12-13] () [Archivo no firmado]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [XPE] => C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [28672 2015-08-21] (XPExplorer.com - 2015) [Archivo no firmado]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [239520 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Run: [AvastBrowserAutoLaunch_DD3B34B51295CA4CE249213732CEC2F8] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2023832 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\RunOnce: [Application Restart #0] => C:\Windows\HelpPane.exe [1059840 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Policies\Explorer: [] 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3765.150\Installer\chrmstp.exe [2020-04-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2010-12-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{7C2CDE72-05FD-4829-980A-EFBAD05B7697}] -> C:\WINDOWS\system32\ImageReog.dll [2011-11-21] (Lenovo (Beijing) Limited -> Lenovo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2017-08-14]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) [Archivo no firmado]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {085C37A8-F135-467A-8303-B37E72579541} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {10D13113-701A-429E-AE84-BDAAE60579DE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {16770ECB-455E-4421-B2CF-07C48EEB9DB2} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {19811490-9616-4145-92A1-9DA827AE330D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19843BB1-4933-449B-AD81-35BBA35DB661} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {1BBBA979-9ED6-4430-A80D-3F3578CC7E52} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1F577696-A29B-42A6-B587-88A56D2767AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {21948F0C-16B2-49AF-BDA8-B462711DB4F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {27172E8C-45D2-4508-8913-7ABCDF2A0099} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {27F35653-0D47-4345-9F99-2E0CCA0975C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {2CAAC903-DD27-4CDD-98CD-748314A536D8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2F45BE10-803A-48C0-BF92-20BB42D62051} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {33E8DEA1-4875-48C0-9C25-F7449E018E05} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
Task: {40CBD30F-1DDB-46F6-8E12-EEAE43FAB5DC} - System32\Tasks\{6246BB74-DE77-4713-94E5-56115267BB3F} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light\Start.exe -d C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light
Task: {461E8C6B-AC23-4269-AABD-6C383C837A31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4B2AF45E-9874-4C24-AC3A-E7A1F18319E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {547692B2-816C-4E5D-962C-B3730B301788} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-03-23] (Avast Software s.r.o. -> Avast Software)
Task: {550153BF-6690-4374-B4DA-9251A0AAC1FB} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {57D1C647-87CA-448C-9516-4E7C4BE67675} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {599B7BA1-983E-4E7C-8F39-90347972AE8B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60202341-A471-4214-B5D1-BF391D1F4563} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-22] (Adobe Inc. -> Adobe)
Task: {6266D9A3-6EB9-4CC8-92CA-BDC6103118F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6601C009-D94D-4999-9DD0-7BFEB45121A6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {72B5B194-D569-422A-8A8A-77B05C75AA94} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {7400A084-9AB4-4588-9271-54FB164A639F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A30EBBE-0B79-4630-80A2-EAE59340DEFB} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {7BEB1DAF-C79D-47DC-8C90-D7E7044B7B1C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2023832 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {82813FA8-622D-41BA-9AB9-A8C68E8A9F86} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {84112955-857C-4345-B2B7-CEF22C8D9569} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BC03BB6-8F21-4F85-A37A-EC0F4D3D70BB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8CB3E442-3A6A-40EE-9681-C42D7445E085} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9BA44EF8-A33C-4D16-89BC-18BD8E118F15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {9CD35450-CCEE-44F9-A5DD-D02392DA3132} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9E460417-6BEC-4231-9B3C-48B2182FE11D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A15EE7CF-3242-4FA7-B0D1-8A3B3C3CF6E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {A194E4F2-76D2-49ED-94FF-1034EED18AE2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA31D1B1-CA36-44CB-A6DF-F606054810F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {AB0271DC-56FD-4E60-9736-27C7F8352BD5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEC2AD75-F820-413F-9DF2-6811F274D029} - System32\Tasks\{C5F596DE-EF7A-4063-AE11-BB67CFBA6555} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.73.105.457/es/abandoninstall?page=tsMain
Task: {AEFB00F1-F93F-4A49-B7DD-D5A7B8C9E983} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [199376 2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B2BE538F-5C21-4CAA-9534-625431940D8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B632384E-75AF-42CF-AC99-DC3FD79444C8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B6710120-D9B0-4995-A4A8-4879833C66CB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2023832 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
Task: {BB4C5240-20EA-49F4-8BE7-DD54CF224EC1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2174182-82FE-475C-B83D-76706B403C01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {C3B44715-8D3E-421D-AAF7-1E045D60FD32} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {CAA38E66-EE39-4BAD-BC4E-223BDF7115C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {CE459449-7916-4520-82FD-1CA3BEDBAF59} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5F946BC-4BBF-46FE-B09E-E79ABF4CBBC0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-22] (Adobe Inc. -> Adobe)
Task: {D62CE1AC-BEFA-47D3-B072-8456A73E7580} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB0C38AC-DF21-468F-8EAD-A3150262235A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1A56149-6789-4302-87E9-7127BF042360} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {EE4789DF-F8FC-462E-880F-18F89301E735} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {F35FE480-FDDD-4A0B-9CD7-CB9A619CE6BF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [199376 2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {F458B2EC-2DD4-4000-B484-7FA92D388177} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {F6FFFD45-918B-419D-949D-47D3E68299D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F70039F0-F981-419B-A091-4C0A782189D7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB144CDC-5C6E-4F92-B111-CCCFB208BA53} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FE176BA9-57C8-484A-990F-623A5A1B76B5} - System32\Tasks\{9DFDA5E4-7415-4066-919C-AB3A60C786D6} => C:\windows\system32\pcalua.exe -a F:\setup.exe -d F:\

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{0a77c164-5919-4f84-9e8f-0ce20561ac78}: [NameServer] 212.166.132.102 212.73.32.67
Tcpip\..\Interfaces\{0a77c164-5919-4f84-9e8f-0ce20561ac78}: [DhcpNameServer] 212.166.132.102 212.73.32.67
Tcpip\..\Interfaces\{0c760836-5f6f-4d68-8e82-5b1b6bf29799}: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{4fe7d13b-098f-42d5-8d2e-34bc22a98d3c}: [NameServer] 212.166.132.102 212.73.32.67

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Ningún archivo
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {6EEFD7B1-B26C-440D-B55A-1EC677189F30} hxxps://vpn.voxelgroup.net/NELX.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://vpnssl.aena.es/dana-cached/sc/JuniperSetupClient.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Ningún archivo

FireFox:
========
FF DefaultProfile: azh5p4q8.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\azh5p4q8.default [2020-04-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-08-15] [Heredado] [no firmado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-22] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [Archivo no firmado]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-22] (Adobe Inc. -> )
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.6.605.0\npAvastBrowserUpdate3.dll [2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.6.605.0\npAvastBrowserUpdate3.dll [2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [Archivo no firmado]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [Archivo no firmado]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3742950191-1254833018-3493267202-1186: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [Archivo no firmado]

Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2020-04-10]
CHR HomePage: Default -> hxxp://www.hp.com/
CHR Extension: (Presentaciones) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-04]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-04]
CHR Extension: (Just Read) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2020-03-23]
CHR Extension: (Elevate for Strava) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhiaggccakkgdfcadnklkbljcgicpckn [2020-03-06]
CHR Extension: (Hojas de cálculo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-23]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-10]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-03-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-09]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-21]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-10]
CHR HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lkeklglhcgdafkfiiagmabcogjapcklc] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodecCR10.crx <no encontrado>

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [199376 2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [199376 2020-03-23] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3765.150\elevation_service.exe [1124080 2020-03-19] (Avast Software s.r.o. -> AVAST Software)
S2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-09-01] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
S1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175400 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235184 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-03-23] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 clwvd; C:\WINDOWS\System32\drivers\clwvd.sys [31088 2011-01-29] (CyberLink -> CyberLink Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [32768 2012-01-13] (Juniper Networks) [Archivo no firmado]
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [85504 2011-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-11] (Malwarebytes Inc -> Malwarebytes)
S3 NxDrv; C:\WINDOWS\System32\drivers\NxDrv.sys [24264 2013-10-24] (SonicWALL Inc. -> SonicWALL Inc.)
S3 RimVSerPort; C:\WINDOWS\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-09-01] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Archivo no firmado]
S3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
U3 idsvc; no ImagePath
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-11 10:07 - 2020-04-11 10:09 - 000037437 _____ C:\Users\User\Desktop\FRST.txt
2020-04-11 10:05 - 2020-04-11 10:08 - 000000000 ____D C:\FRST
2020-04-11 10:02 - 2020-04-11 10:02 - 000000935 _____ C:\Users\User\Desktop\JRT.txt
2020-04-11 09:59 - 2020-04-11 09:59 - 000050502 _____ C:\Users\User\Desktop\3 adw cleaner informe.txt
2020-04-11 09:56 - 2020-04-11 09:56 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-11 09:48 - 2020-04-11 09:54 - 000000000 ____D C:\AdwCleaner
2020-04-11 09:42 - 2020-04-11 09:42 - 000050502 _____ C:\Users\User\Desktop\2 informe malware.txt
2020-04-11 09:17 - 2020-04-11 09:17 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2020-04-11 09:17 - 2020-04-11 09:17 - 000000000 ____D C:\Users\User\AppData\Local\cache
2020-04-11 09:16 - 2020-04-11 09:56 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-11 09:16 - 2020-04-11 09:16 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-11 09:16 - 2020-04-11 09:16 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-11 09:16 - 2020-04-11 09:16 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-11 09:16 - 2020-04-11 09:16 - 000000000 ____D C:\Users\User\AppData\Local\mbamtray
2020-04-11 09:16 - 2020-04-11 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-11 09:16 - 2020-04-11 09:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-11 09:10 - 2020-04-11 09:10 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-11 09:09 - 2020-04-11 09:09 - 001139186 _____ C:\Users\User\Desktop\1 cc_20200411_090823_copia seg registro ccleaner.reg
2020-04-11 09:03 - 2020-04-11 09:03 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-11 09:03 - 2020-04-11 09:03 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-04-11 09:03 - 2020-04-11 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-11 09:03 - 2020-04-11 09:03 - 000000000 ____D C:\Program Files\CCleaner
2020-04-10 22:57 - 2020-04-10 22:57 - 000000000 ____D C:\Users\User\Desktop\cosillas revit
2020-04-10 22:28 - 2020-04-10 22:28 - 001790024 _____ (Malwarebytes) C:\Users\User\Desktop\JRT.exe
2020-04-10 22:20 - 2020-04-10 22:20 - 000000000 ____D C:\Users\User\AppData\Local\Anki
2020-04-10 22:19 - 2020-04-10 22:20 - 000000000 ____D C:\Program Files\Anki
2020-04-10 22:19 - 2020-04-10 22:19 - 000000531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk
2020-04-10 22:17 - 2020-04-10 22:16 - 002281472 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2020-04-10 22:17 - 2020-04-10 22:13 - 008196784 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.0.4.exe
2020-04-10 22:17 - 2020-04-10 22:12 - 022267336 _____ (Piriform Software Ltd) C:\Users\User\Desktop\ccsetup565.exe
2020-04-10 22:17 - 2020-04-10 22:11 - 001965536 _____ (Malwarebytes) C:\Users\User\Desktop\MBSetup.exe
2020-04-10 22:16 - 2020-04-10 22:16 - 002281472 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2020-04-10 22:12 - 2020-04-10 22:13 - 008196784 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_8.0.4.exe
2020-04-10 22:11 - 2020-04-10 22:11 - 001965536 _____ (Malwarebytes) C:\Users\User\Downloads\MBSetup.exe
2020-04-10 22:10 - 2020-04-10 22:12 - 022267336 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup565.exe
2020-04-10 18:26 - 2020-04-11 09:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-10 08:58 - 2020-04-10 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-04-10 08:46 - 2020-04-11 09:57 - 000900586 _____ C:\WINDOWS\ntbtlog.txt
2020-04-09 20:22 - 2020-04-09 20:22 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2020-04-09 20:17 - 2020-04-09 20:18 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-09 20:17 - 2020-04-09 20:18 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-09 20:17 - 2020-04-09 20:17 - 000044568 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2020-04-09 20:15 - 2020-03-23 09:45 - 000368056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-03-23 09:55 - 2020-04-10 18:51 - 000000000 ____D C:\Users\User\AppData\Local\AVAST Software
2020-03-23 09:55 - 2020-04-09 19:58 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-03-23 09:55 - 2020-04-09 19:58 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-03-23 09:55 - 2020-04-09 19:58 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-03-23 09:53 - 2020-03-23 09:53 - 000003656 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2020-03-23 09:53 - 2020-03-23 09:53 - 000003532 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2020-03-23 09:53 - 2020-03-23 09:53 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-03-23 09:50 - 2020-04-10 08:48 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-03-23 09:50 - 2020-03-23 09:50 - 000000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2020-03-23 09:48 - 2020-03-23 09:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-03-23 09:47 - 2020-04-09 20:17 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-03-23 09:46 - 2020-04-10 22:25 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2020-03-23 09:46 - 2020-04-10 21:55 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2020-03-23 09:46 - 2020-03-23 09:48 - 000458584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-03-23 09:46 - 2020-03-23 09:46 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-03-23 09:46 - 2020-03-23 09:45 - 000848672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000316256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000279360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000271120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000235184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000206608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000205576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000175400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000110560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000084056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000064272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000042976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000037864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-03-23 09:46 - 2020-03-23 09:45 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-03-22 12:44 - 2020-03-22 12:44 - 000230080 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe
2020-03-22 12:41 - 2020-03-22 12:41 - 000000000 ____D C:\Users\User\AppData\LocalLow\IObit
2020-03-22 12:40 - 2020-04-10 22:26 - 000000000 ____D C:\Program Files (x86)\IObit
2020-03-22 12:40 - 2020-03-22 12:40 - 000002936 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_User
2020-03-22 12:39 - 2020-04-11 09:54 - 000000000 ____D C:\Users\User\AppData\Roaming\IObit
2020-03-22 12:39 - 2020-04-11 09:54 - 000000000 ____D C:\ProgramData\IObit
2020-03-22 12:35 - 2020-03-22 12:41 - 099345136 _____ C:\Users\User\Downloads\anki-2.1.22-windows.exe
2020-03-22 12:35 - 2020-03-22 12:37 - 021335920 _____ (IObit ) C:\Users\User\Downloads\iobituninstaller.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-11 10:02 - 2019-12-15 01:17 - 002012042 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-11 10:02 - 2019-03-19 13:59 - 000864082 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-11 10:02 - 2019-03-19 13:59 - 000186264 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-11 10:02 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-11 09:57 - 2011-11-21 03:38 - 000305293 _____ C:\WINDOWS\system32\fastboot.set
2020-04-11 09:55 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-11 09:55 - 2017-06-04 18:43 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-04-11 09:55 - 2011-11-21 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-04-11 09:55 - 2011-11-21 03:22 - 000000000 ____D C:\Program Files (x86)\Vimicro
2020-04-11 09:38 - 2015-08-15 23:27 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-11 09:16 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-11 09:03 - 2019-12-15 01:06 - 000000000 ____D C:\Users\postgres
2020-04-11 09:03 - 2019-12-15 01:06 - 000000000 ____D C:\Users\DefaultAppPool
2020-04-10 22:00 - 2019-12-15 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-10 21:54 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-10 21:49 - 2019-12-15 00:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-10 21:14 - 2019-12-15 01:32 - 000004204 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{56D8666F-7D4D-40AE-881C-BB24CD3A46BB}
2020-04-10 21:13 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 21:13 - 2017-08-11 08:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-04-10 18:52 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-10 18:49 - 2011-11-21 03:31 - 000000000 ____D C:\ProgramData\VeriFace
2020-04-10 18:38 - 2017-08-13 23:26 - 000000000 ____D C:\ProgramData\ThumbsPlus
2020-04-10 18:31 - 2017-08-13 23:26 - 000000000 ____D C:\Users\User\AppData\Roaming\ThumbsPlus
2020-04-10 09:00 - 2013-08-14 11:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-04-10 09:00 - 2012-03-26 20:41 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-04-10 08:58 - 2015-05-06 19:29 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-10 08:43 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-10 08:32 - 2012-03-24 21:43 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-09 20:44 - 2017-06-04 18:44 - 000000000 ____D C:\Users\User\AppData\Local\Publishers
2020-04-09 20:27 - 2018-05-19 00:16 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2020-04-09 19:55 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-04-09 19:55 - 2018-09-22 09:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-09 19:53 - 2010-11-21 05:27 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-22 13:05 - 2017-08-11 00:24 - 000000000 ____D C:\Users\User\AppData\Roaming\Anki2
2020-03-22 12:53 - 2017-06-04 19:38 - 000000000 ____D C:\Program Files (x86)\Avira
2020-03-22 12:45 - 2019-12-15 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeChat
2020-03-22 12:37 - 2019-12-15 01:32 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3742950191-1254833018-3493267202-1186
2020-03-22 12:35 - 2017-06-04 18:53 - 000000000 ___RD C:\Users\User\OneDrive
2020-03-22 12:34 - 2019-12-15 01:06 - 000002444 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 12:31 - 2019-12-15 01:32 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-22 12:31 - 2017-08-10 22:03 - 000000000 ____D C:\Users\User\AppData\Roaming\Google
2020-03-22 12:30 - 2015-11-15 22:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-22 12:23 - 2019-12-15 13:13 - 000000000 ____D C:\Users\User\Documents\WeChat Files
2020-03-22 12:17 - 2019-12-15 01:32 - 000004668 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-22 12:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-22 12:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-03-22 12:10 - 2019-12-15 01:32 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-22 12:10 - 2019-12-15 01:32 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Archivos en la raíz de algunos directorios ========

2013-09-04 10:11 - 2013-05-27 20:40 - 006583664 _____ (AVAST Software) C:\Program Files\AVAST So
2017-08-10 23:24 - 2017-08-10 23:24 - 000154802 _____ () C:\Users\User\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por User (11-04-2020 10:10:56)
Ejecutado desde C:\Users\User\Desktop
Windows 10 Home Versión 1903 18362.418 (X64) (2019-12-14 23:34:25)
Modo de Inicio: Safe Mode (with Networking)
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3742950191-1254833018-3493267202-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3742950191-1254833018-3493267202-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3742950191-1254833018-3493267202-1002 - Limited - Enabled)
Invitado (S-1-5-21-3742950191-1254833018-3493267202-501 - Limited - Disabled)
postgres (S-1-5-21-3742950191-1254833018-3493267202-1185 - Limited - Enabled) => C:\Users\postgres
User (S-1-5-21-3742950191-1254833018-3493267202-1186 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3742950191-1254833018-3493267202-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Akamai NetSession Interface (HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anki (HKLM-x32\...\Anki) (Version: 2.1.22 - )
Aplicaciones destacadas de Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AutoCAD 2016 - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-F001-040A-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 - Español (Spanish) (HKLM\...\AutoCAD 2016 - Español (Spanish)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk BIM 360 Revit 2016 Add-in 64 bit (HKLM\...\{C5A83116-8654-47A3-A3B1-B76905C8A198}) (Version: 4.35.3969 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.18 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk Revit 2016 (HKLM\...\Autodesk Revit 2016) (Version: 16.0.490.0 - Autodesk)
Autodesk Revit Content Libraries 2016 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2016 - Español (Spanish)) (Version: 16.0.490.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3765.150 - Los creadores de Avast Secure Browser)
Avira (HKLM-x32\...\{CAB70370-888E-4D62-B5D5-DA7982585C46}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{e636e084-c7ab-4246-8ad2-aa1bb1cbedfd}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{4B7277C7-9CEE-45FC-B36B-19AD28281B9C}) (Version: 3.40.8921.5350 - Google, Inc.)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
CDDRV_Installer (HKLM-x32\...\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}) (Version: 1.00.0000 - Logitech) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Earth (HKLM-x32\...\{BE06114F-559D-11E0-B5A1-001D0926B1BF}) (Version: 6.0.2.2074 - Google)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Guía del usuario (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
Importación de SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
KhalInstallWrapper (HKLM\...\{9B1A8F3D-8059-43FB-A7AE-4F2C21F0AAF2}) (Version: 4.00.121 - Logitech) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo Games Console (HKLM-x32\...\Lenovo Games Console) (Version: 1.2.6.436 - Oberon Media Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Logitech SetPoint (HKLM-x32\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 4.00 - Logitech)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 es-ES)) (Version: 43.0.1 - Mozilla)
Mozilla Firefox 56.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 56.0 (x64 es-ES)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Presto 8.8 (HKLM-x32\...\{099EA4F2-0BE8-443B-B6EE-2B8FDF035DC0}) (Version:  - )
QGIS 2.18 2.18.11 Las Palmas (HKLM\...\QGIS 2.18) (Version:  - QGIS Development Team)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Revit 2016 (HKLM\...\{7346B4A0-1600-0510-0000-705C0D862004}) (Version: 16.0.490.0 - Autodesk) Hidden
Revit Content Libraries 2016 - Español (Spanish) (HKLM\...\{941030D0-1600-0410-0000-818BB38A95FC}) (Version: 16.0.490.0 - Autodesk) Hidden
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Spotify (HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
ThumbsPlus (HKLM-x32\...\{9D7C721E-9861-4994-A91E-2E219CC4A7FD}) (Version: 9.0.0.3919 - Cerious Software Inc.) Hidden
ThumbsPlus (HKLM-x32\...\ThumbsPlus) (Version:  - Cerious Software Inc.)
TOPOHISPANIA_2.04 (HKLM-x32\...\TOPOHISPANIA_2.04) (Version: _2.04 - SinRenKor)
Update for Skype for Business 2016 (KB4484133) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{20EC231C-9262-422A-B18B-7822744DA5AB}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484133) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.STANDARD_{20EC231C-9262-422A-B18B-7822744DA5AB}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Winamp (remove only) (HKLM-x32\...\Winamp) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-14] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-11-08] (Facebook Inc)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa [2020-04-09] (Apple Inc.) [Startup Task]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.7.0.11_x86__h6adky7gbf63m [2020-04-09] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_5.3.0.0_x86__g0q0z3kw54rap [2019-12-14] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-12] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) [Archivo no firmado]
CustomCLSID: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3742950191-1254833018-3493267202-1186_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-11-21] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} =>  -> Ningún archivo
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Ningún archivo
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\windows\system32\SimpleExt.dll [2011-11-21] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} =>  -> Ningún archivo
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-11] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2015-03-17 01:34 - 2015-03-17 01:34 - 000013824 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.exe:  =>  <==== ATENCIÓN
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-14 04:34 - 2014-03-12 21:41 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Road Tech\PostgreSQL\bin;C:\Program Files (x86)\Road Tech\PostgreSQL\lib;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Autodesk Shared\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Ningún archivo)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupfolder: C:^Users^owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TornTvDownloader.lnk => C:\windows\pss\TornTvDownloader.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "UpdatePRCShortCut"
HKLM\...\StartupApproved\Run32: => "DellNetExtender"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\StartupApproved\Run: => "Akamai NetSession Interface"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{BF568D82-0768-4E16-AE23-91E39B16C626}] => (Allow) LPort=7935
FirewallRules: [{B3B50861-1B65-41F2-B733-75A4FC031A01}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{CAE50B54-D3EC-46E3-B42C-99D288C38E55}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{7C29F79B-D1C1-497D-901F-C9A10A3B62C8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EE2B3FE1-9613-4A66-AD71-FAD22BF8F5ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{673E2355-7FED-464A-9191-28491DFC193B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F9B46F50-DC79-4AC1-91D7-2E98400E5552}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C0A34DB-E8CF-4EF1-9BBF-9BD1277E75D3}] => (Allow) LPort=1900
FirewallRules: [{7FDEE439-9599-4685-87C1-9A8E5A14A0B1}] => (Allow) LPort=2869
FirewallRules: [{ED7A63CD-739B-49A5-BDC6-4547CABBED03}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23DF7B1B-2239-4E33-8B90-6E8BEC86F39E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC898BCC-FA82-4C17-A4BE-341B43391DAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5C65CE45-FE67-44A2-9AEF-445E263AFBF0}C:\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\skypeportable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{4AA53937-4311-45FE-AFC0-BFE7BCDF819B}C:\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\skypeportable\app\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C637ECC3-D7D0-4944-AB47-EF855F5BEF55}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{FFA3A5D0-0E2E-4A11-B60A-AD875E3EADCE}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{D45DB105-5D62-4E66-AE43-8DE2E019613B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F4A86270-00F3-4261-9343-224690FA1586}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4ADAF6B0-2633-49F2-814C-C1DC9CBC51D8}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A6C7846B-A63A-42E0-A4A3-26233536DA16}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{BF0D415F-D063-498F-9CC6-9478321A2F00}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{2BB2917C-F32E-46A9-9598-04B9357316F1}C:\users\user\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\user\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{044ADE1E-2654-47C1-872F-54BCB5A1432A}] => (Allow) LPort=50248
FirewallRules: [{9F06E1C4-C674-480B-A2F5-3731AF128E14}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DCDD2858-0F8D-420C-B808-6140957E44FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D8799A4A-A4EE-47DE-BB77-D2DCBDC4A755}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E9342C0-A78C-4AD9-B223-2E938CCDE777}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F772A4B1-67E4-4874-85C6-5C8587C0C2E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71B13332-BFB5-433B-B01F-9180EB831834}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B88D77F-8021-4992-84D3-BBBF6010EAA9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F1FB82B-1550-4EF7-915A-BE533DFFC415}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{83C82AAA-32D0-4A16-AA71-B5B8BFE22557}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{44CB6B5D-3628-4926-B17B-E5F0772C7B8E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12105.12.48001.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Puntos de Restauración =========================

09-04-2020 20:16:25 Windows Update

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Description: Controlador de infraestructura de virtualización de Microsoft Hyper-V
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: CyberLink WebCam Virtual Driver
Description: CyberLink WebCam Virtual Driver
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Sonido Intel(R) para pantallas
Description: Sonido Intel(R) para pantallas
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/11/2020 10:00:31 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\User\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).

Error: (04/11/2020 09:55:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Los Servicios de cifrado no pudieron inicializar el objeto "System Writer" de la copia de seguridad de VSS.

Details:
Could not query the status of the EventSystem service.

System Error:
Se está cerrando el sistema.
.

Error: (04/11/2020 09:54:54 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\User\Desktop\adwcleaner_8.0.4.exe ; descripción = AdwCleaner_BeforeCleaning_11/04/2020_09:54:51; error = 0x8007043c).

Error: (04/10/2020 10:11:46 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (04/10/2020 10:05:47 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (04/10/2020 10:05:46 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (04/10/2020 10:03:45 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (04/10/2020 09:59:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000171ac8
Identificador del proceso con errores: 0x23dc
Hora de inicio de la aplicación con errores: 0x01d60f727c584c13
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Identificador del informe: fa09751b-f349-4d6f-9712-20f4aafc394d
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI


Errores del sistema:
=============
Error: (04/11/2020 10:12:44 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/11/2020 10:10:55 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/11/2020 10:10:00 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/11/2020 10:08:58 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/11/2020 10:08:58 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/11/2020 10:08:58 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/11/2020 10:08:58 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (04/11/2020 10:08:56 AM) (Source: DCOM) (EventID: 10005) (User: owner-PC)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}


CodeIntegrity:
===================================

Date: 2020-04-11 09:33:01.717
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:36.194
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:36.096
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:36.012
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:35.922
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Autodesk\Autodesk Sync\AdSyncNamespace.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:22.788
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:22.615
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-11 09:32:19.767
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 40CN28WW(V2.14) 10/07/2011
Placa base: LENOVO Base Board Product Name
Procesador: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Porcentaje de memoria en uso: 18%
RAM física total: 8135.86 MB
RAM física disponible: 6612.42 MB
Virtual total: 16327.86 MB
Virtual disponible: 15121.23 MB

==================== Unidades ================================

Drive c: (DRIVE_C) (Fixed) (Total:421.81 GB) (Free:280.49 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.5 GB) NTFS

\\?\Volume{ca42cfc6-13da-11e1-aaee-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 186040DD)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== Final de Addition.txt =======================

De momento no he reiniciado. Debería? Mejor me espero a tus instrucciones para no liarla.

Mil gracias!! :grinning:

h .

Hola.

De momento sigue sin REINICIAR y quédate en el modo seguro hasta que pueda analizar TODOS los informes que has puesto. :face_with_monocle:

De momento NO veo que hayas puesto el informe de AdwCleaner, te has debido liar y pusiste dos veces el mismo informe de Malwarebytes.

Por favor, por el informe de AdwCleaner para que lo pueda valorar igualmente. :thinking:

Saludos.

P.D// Dime tambien que navegador estas usando como predeterminado y veo que tienes dos antivirus instalados(Avast y Avira) eres consciente de ello…??

Hola Javier:

Oops, pego el report del Adwcleaner. disculpas.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 11/4/20
Hora del análisis: 9:18
Archivo de registro: afae6d94-7bc4-11ea-a504-dc0ea16afa74.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22280
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: owner-PC\User

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 431846
Amenazas detectadas: 276
Amenazas en cuarentena: 276
Tiempo transcurrido: 14 min, 23 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 33
PUP.Optional.Bench, HKLM\SOFTWARE\WOW6432NODE\BENCH\BService, En cuarentena, 5825, 235730, 1.0.22280, , ame, 
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BENCH-SYS, En cuarentena, 5825, 183384, , , , 
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F87B509A-DFF7-4D88-84E0-112C1D4C81C7}, En cuarentena, 5825, 183384, , , , 
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{F87B509A-DFF7-4D88-84E0-112C1D4C81C7}, En cuarentena, 5825, 183384, , , , 
PUP.Optional.Bench, HKLM\SOFTWARE\WOW6432NODE\BENCH\Updater, En cuarentena, 5825, 235733, 1.0.22280, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\CSASTATS\ic, En cuarentena, 495, 586068, 1.0.22280, , ame, 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, En cuarentena, 62, 190384, 1.0.22280, , ame, 
PUP.Optional.BenchUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bench-Updater removing, En cuarentena, 4797, 235742, , , , 
PUP.Optional.BenchUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0C969227-E448-4E60-8E09-F19B45DF2E3D}, En cuarentena, 4797, 235742, , , , 
PUP.Optional.BenchUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{0C969227-E448-4E60-8E09-F19B45DF2E3D}, En cuarentena, 4797, 235742, , , , 
PUP.Optional.DiscountDragon, HKLM\SOFTWARE\WOW6432NODE\Discount Dragon, En cuarentena, 57, 237793, 1.0.22280, , ame, 
PUP.Optional.Olacarita, HKLM\SOFTWARE\WOW6432NODE\Olacarita, En cuarentena, 2557, 241334, 1.0.22280, , ame, 
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\winzipersvc, En cuarentena, 206, 444492, 1.0.22280, , ame, 
PUP.Optional.SweetIM, HKU\S-1-5-18\SOFTWARE\SweetIM, En cuarentena, 444, 243758, 1.0.22280, , ame, 
PUP.Optional.TornTV, HKU\S-1-5-18\SOFTWARE\TornTv Downloader, En cuarentena, 1670, 244132, 1.0.22280, , ame, 
PUP.Optional.GoPhotoIt, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\TheGoPhoto.it V10, En cuarentena, 2354, 238849, 1.0.22280, , ame, 
PUP.Optional.TornTV, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\TheTorntv V10, En cuarentena, 1670, 244123, 1.0.22280, , ame, 
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, En cuarentena, 617, 472300, 1.0.22280, , ame, 
PUP.Optional.InstallBrain, HKU\S-1-5-18\SOFTWARE\WNLT, En cuarentena, 6468, 239558, 1.0.22280, , ame, 
PUP.Optional.SecurityProtection, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NOAJMLKIPCLMEOLFCNFLKJHIJKIGPFJH, En cuarentena, 1850, 242841, , , , 
PUP.Optional.SecurityProtection, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\noajmlkipclmeolfcnflkjhijkigpfjh, En cuarentena, 1850, 242841, 1.0.22280, , ame, 
PUP.Optional.TornTV.OL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Torntv, En cuarentena, 7110, 339894, 1.0.22280, , ame, 
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\winzipersvc, En cuarentena, 206, 385015, 1.0.22280, , ame, 
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 616, 169917, , , , 
Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 616, 169917, , , , 
Adware.1ClickDownload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, En cuarentena, 616, 169917, 1.0.22280, , ame, 
PUP.Optional.Fortunitas, HKLM\SOFTWARE\CLASSES\TYPELIB\{EFF4F283-3C8B-4A01-8297-DDC839210B86}, En cuarentena, 635, 167983, , , , 
PUP.Optional.Fortunitas, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EFF4F283-3C8B-4A01-8297-DDC839210B86}, En cuarentena, 635, 167983, , , , 
PUP.Optional.Fortunitas, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EFF4F283-3C8B-4A01-8297-DDC839210B86}, En cuarentena, 635, 167983, , , , 
PUP.Optional.Fortunitas, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C6F3FC7B-D607-44EC-9CAF-2A41D547137F}, En cuarentena, 635, 167983, , , , 
PUP.Optional.Fortunitas, HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C6F3FC7B-D607-44EC-9CAF-2A41D547137F}, En cuarentena, 635, 167983, , , , 
PUP.Optional.Fortunitas, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c6f3fc7b-d607-44ec-9caf-2a41d547137f}, En cuarentena, 635, 167983, 1.0.22280, , ame, 

Valor del registro: 12
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|HDVID CODEC V1-BG.EXE, En cuarentena, 1940, 260099, 1.0.22280, , ame, 
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, En cuarentena, 617, 472300, 1.0.22280, , ame, 
PUP.Optional.Bench, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F87B509A-DFF7-4D88-84E0-112C1D4C81C7}|PATH, En cuarentena, 5825, 183386, 1.0.22280, , ame, 
PUP.Optional.InstallBrain, HKU\S-1-5-18\SOFTWARE\WNLT|URL, En cuarentena, 6468, 239558, 1.0.22280, , ame, 
PUP.Optional.QuickStart, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], En cuarentena, 1961, 242157, 1.0.22280, , ame, 
PUP.Optional.SecurityProtection, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], En cuarentena, 1850, 242842, 1.0.22280, , ame, 
Adware.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.Wajam, HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.Wajam, HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 574, -1, 0.0.0, , action, 
Adware.Wajam, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En cuarentena, 574, -1, 0.0.0, , action, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 64
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443151, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.Wajam, C:\WINDOWS\SYSTEM32\SSL, En cuarentena, 574, 533889, 1.0.22280, , ame, 

Archivo: 167
PUP.Optional.Bench, C:\WINDOWS\TASKS\BENCH-SYS.JOB, En cuarentena, 5825, 183385, 1.0.22280, , ame, 
PUP.Optional.Bench, C:\WINDOWS\SYSTEM32\TASKS\BENCH-SYS, En cuarentena, 5825, 183384, 1.0.22280, , ame, 
PUP.Optional.Awesomehp.ShrtCln, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\SEARCHPLUGINS\AWESOMEHP.XML, En cuarentena, 3833, 192891, 1.0.22280, , ame, 
PUP.Optional.Delta.ShrtCln, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\BROWSER\SEARCHPLUGINS\DELTA-HOMES.XML, En cuarentena, 62, 191024, 1.0.22280, , ame, 
PUP.Optional.BenchUpdater, C:\WINDOWS\TASKS\bench-Updater removing.job, En cuarentena, 4797, 235743, 1.0.22280, , ame, 
PUP.Optional.BenchUpdater, C:\WINDOWS\SYSTEM32\TASKS\bench-Updater removing, En cuarentena, 4797, 235742, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, En cuarentena, 4722, -1, 0.0.0, , action, 
Adware.MultiPlug.Generic, C:\PROGRAMDATA\NTUSER.POL, En cuarentena, 4722, -1, 0.0.0, , action, 
Adware.MultiPlug.Generic, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En cuarentena, 4722, -1, 0.0.0, , action, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gifables.dl.tb.ask.com_0.localstorage, En cuarentena, 1812, 443123, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gifables.dl.tb.ask.com_0.localstorage-journal, En cuarentena, 1812, 443123, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_videodownloadconverter.dl.tb.ask.com_0.localstorage, En cuarentena, 1812, 443123, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_videodownloadconverter.dl.tb.ask.com_0.localstorage-journal, En cuarentena, 1812, 443123, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gifables.dl.myway.com_0.localstorage, En cuarentena, 1812, 443124, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_gifables.dl.myway.com_0.localstorage-journal, En cuarentena, 1812, 443124, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_videodownloadconverter.dl.myway.com_0.localstorage, En cuarentena, 1812, 443124, 1.0.22280, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_videodownloadconverter.dl.myway.com_0.localstorage-journal, En cuarentena, 1812, 443124, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443151, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\USERS\ADMINISTRADOR\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Administrador\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\TORCH\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443155, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Torch\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443155, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443156, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443156, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\agafcidffgdigglhlcmgipkflamnnngb\1.0\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\agafcidffgdigglhlcmgipkflamnnngb\1.0\Rjg6.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\HOMEGROUPUSER$\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\ciagpekplgpbepdgggflgmahnjgiaced\246\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\246\VAhtw.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\USERS\INVITADO\APPDATA\LOCAL\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\lsdb.js, En cuarentena, 4722, 443157, 1.0.22280, , ame, 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\background.html, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\content.js, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\manifest.json, En cuarentena, 4722, 443157, , , , 
Adware.MultiPlug.Generic, C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icamicnfkihbcjgpnmiaokmhdmpnhhln\3.7\pw21.js, En cuarentena, 4722, 443157, , , , 
Adware.Wajam, C:\WINDOWS\SYSTEM32\SSL\CERT.DB, En cuarentena, 574, 533889, 1.0.22280, , ame, 
Adware.Wajam, C:\Windows\System32\SSL\09534b89de23dfbb.cer, En cuarentena, 574, 533889, , , , 
Adware.Wajam, C:\Windows\System32\SSL\x.db, En cuarentena, 574, 533889, , , , 
Adware.Wajam, C:\Windows\System32\SSL\xtls.db, En cuarentena, 574, 533889, , , , 
PUP.Optional.SweetIM, C:\WINDOWS\INSTALLER\11C24A.MSI, En cuarentena, 444, 297640, 1.0.22280, , ame, 
RiskWare.Tool.HCK, C:\USERS\USER\DESKTOP\SOFTWARE VICTOR\CRACK DEL CRACK CATACRACK ADOBE\UNIVERSAL ADOBE PATCHER V1.5 FINAL.EXE, En cuarentena, 7383, 69152, 1.0.22280, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Estoy usando Chrome de navegador. Respecto a los antivirus, inicialmente el portátil traía Avira pero me estaba dando problemas y lo achacaba al antivirus. Lo desinstalé (veo que no del todo) e instalé el AVG. :fearful:

Saludos, :slight_smile: h .

Mmmmm. Creo que hay algo mal porque el txt del Malware y el del ADW son iguales. Creo que lo he hecho mal. Lo intento repetir?

Hola.

Si hiciste el proceso tendras el informe en esta ruta :

C:\AdwCleaner\Logs\

Buscalo ahi y ponlo y además usa YA la :arrow_right: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall, especifica para eliminar correctamente AVIRA. :+1:

Lo guardas en el escritorio y lo ejecutas con botón derecho y “Ejecutar como Administrador”, selecciona TODAS las opciones y pulsamos REMOVE.

Y sigues de momento en modo seguro con RED.

Saludos.

He repetido el análisis.

  • Me sale una pantalla diferente a la del manual, donde informa de “Análisis completo. No se han detectado elementos en su sistema”-
  • Voy a Cuarentena. elimino los archivos seleccionados. Hay varios de Lenovo como controladores de cámara que los doy por buenos y los restauro. Los otros los elimino.
  • No me sale ninguna pantalla de Reinicio. Lo hago manualmente.
  • Al reiniciar no se abre al ADW
  • Reinicio manualmente y uso la ruta en C.
  • Este es el informe:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-11-2020
# Duration: 00:00:59
# OS:       Windows 10 Home
# Scanned:  32067
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [13911 octets] - [11/04/2020 09:48:59]
AdwCleaner[S01].txt - [13973 octets] - [11/04/2020 09:52:09]
AdwCleaner[C01].txt - [13113 octets] - [11/04/2020 09:55:14]
AdwCleaner[S02].txt - [1592 octets] - [11/04/2020 13:55:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Me pongo con el antivirus. :muscle:

h .

Antivirus fuera. Ostras que interesantes las herramientas de desinstalación de antivirus. Ojalá las hubiera conocido hace una semana. “Cagué patatillas” para desinstalar el Avira y ahora veo que ni siquiera lo conseguí. :expressionless:

h .

Hola @helado

Te pongo de nuevo este mensaje, que me parece que NO has visto…??

Perfecto. :+1:

No tenías que repetir el proceso, con buscar y poneme el primer informe que hiciste es suficiente :

AdwCleaner[S00].txt - [13911 octets] - [11/04/2020 09:48:59]

Abre el fichero :

C:\AdwCleaner\Logs\AdwCleaner[S00].txt

Y lo pones.

Saludos.

Te estas ganando el cielo conmigo… :laughing: Ahí va el log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-11-2020
# Duration: 00:00:37
# OS:       Windows 10 Home
# Scanned:  32067
# Detected: 101


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic            C:\Program Files\50226AF6EDE931238C1E77A5DC39BB6B
PUP.Adware.Heuristic            C:\ProgramData\63CE8D7B08E7A989
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\User\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy             C:\Program Files (x86)\Tencent
PUP.Optional.Legacy             C:\Users\Administrador\AppData\Local\torch
PUP.Optional.Legacy             C:\Users\HomeGroupUser$\AppData\Local\torch
PUP.Optional.Legacy             C:\Users\Invitado\AppData\Local\torch
PUP.Optional.Legacy             C:\Users\User\AppData\Local\Tencent
PUP.Optional.Legacy             C:\Users\User\AppData\Roaming\Tencent
PUP.Optional.MultiPlug          C:\ProgramData\WEUBSAVEE
PUP.Optional.Perion             C:\Program Files\50226AF6EDE931238C1E77A5DC39BB6B\00DDA4C12D2CBEAE40D2DA1E606D58F8

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.MyPCBackup         C:\Windows\System32\Tasks\LAUNCHSIGNUP

***** [ Registry ] *****

PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Wechat
PUP.Optional.Legacy             HKLM\Software\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
PUP.Optional.Legacy             HKLM\Software\Classes\TornTvDownloader.File
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\TornTv Downloader
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\WindApp
PUP.Optional.Legacy             HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Bench
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Taronja
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\hdcode
PUP.Optional.Legacy             HKLM\System\CurrentControlSet\Services\EventLog\Application\Wpm
PUP.Optional.Legacy             HKU\.DEFAULT\Software\ImInstaller
PUP.Optional.Legacy             HKU\S-1-5-18\Software\ImInstaller
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A1F12FB-87D5-4F4A-807F-B905EA65A850}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A1F12FB-87D5-4F4A-807F-B905EA65A850}
PUP.Optional.MyPCBackup         HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
PUP.Optional.SpyHunter          HKLM\Software\EnigmaSoftwareGroup

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA7215F8-1DC0-49A2-A13A-5415368015B2} 
Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent 
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} 
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D} 
Preinstalled.HPMediaSmart   Task   C:\Windows\System32\Tasks\MIRAGEAGENT 
Preinstalled.LenovoEasyCamera   Folder   C:\Program Files (x86)\USB CAMERA 
Preinstalled.LenovoEasyCamera   Folder   C:\Program Files (x86)\VIMICRO\LENOVO EASYCAMERA 
Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|331BigDog 
Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|331BigDog 
Preinstalled.LenovoEasyCamera   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332} 
Preinstalled.LenovoEnergyManagement   Folder   C:\Program Files (x86)\LENOVO\ENERGY MANAGEMENT 
Preinstalled.LenovoEnergyManagement   Folder   C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGEMENT 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Management 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|EnergyUtility 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Management 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|EnergyUtility 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB} 
Preinstalled.LenovoEnergyManagement   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D0956C11-0F60-43FE-99AD-524E833471BB} 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GShortCut 
Preinstalled.LenovoYouCam   Folder   C:\Program Files (x86)\LENOVO\YOUCAM 
Preinstalled.LenovoYouCam   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOUCAM 
Preinstalled.LenovoYouCam   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Mirage 
Preinstalled.LenovoYouCam   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|YouCam Tray 
Preinstalled.LenovoYouCam   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Mirage 
Preinstalled.LenovoYouCam   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|YouCam Tray 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Hola.

Perfecto. :+1:

Y ahora sigues estos pasos también desde el modo seguro :

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Avira (HKLM-x32\...\{CAB70370-888E-4D62-B5D5-DA7982585C46}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG) Hidden
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> Ningún archivo
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> Ningún archivo
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.exe: => <==== ATENCIÓN
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.scr: AutoCADScriptFile =>
HKLM-x32\...\Run: [Avira SystrayStartTrigger] 
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
2020-04-10 08:58 - 2020-04-10 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-03-22 12:53 - 2017-06-04 19:38 - 000000000 ____D C:\Program Files (x86)\Avira
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [239520 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {10D13113-701A-429E-AE84-BDAAE60579DE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {19811490-9616-4145-92A1-9DA827AE330D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19843BB1-4933-449B-AD81-35BBA35DB661} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {1BBBA979-9ED6-4430-A80D-3F3578CC7E52} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1F577696-A29B-42A6-B587-88A56D2767AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {21948F0C-16B2-49AF-BDA8-B462711DB4F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F45BE10-803A-48C0-BF92-20BB42D62051} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {40CBD30F-1DDB-46F6-8E12-EEAE43FAB5DC} - System32\Tasks\{6246BB74-DE77-4713-94E5-56115267BB3F} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light\Start.exe -d C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light
Task: {461E8C6B-AC23-4269-AABD-6C383C837A31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B2AF45E-9874-4C24-AC3A-E7A1F18319E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {599B7BA1-983E-4E7C-8F39-90347972AE8B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72B5B194-D569-422A-8A8A-77B05C75AA94} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {7400A084-9AB4-4588-9271-54FB164A639F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A30EBBE-0B79-4630-80A2-EAE59340DEFB} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {84112955-857C-4345-B2B7-CEF22C8D9569} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BC03BB6-8F21-4F85-A37A-EC0F4D3D70BB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8CB3E442-3A6A-40EE-9681-C42D7445E085} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9BA44EF8-A33C-4D16-89BC-18BD8E118F15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {9CD35450-CCEE-44F9-A5DD-D02392DA3132} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9E460417-6BEC-4231-9B3C-48B2182FE11D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A15EE7CF-3242-4FA7-B0D1-8A3B3C3CF6E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {A194E4F2-76D2-49ED-94FF-1034EED18AE2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA31D1B1-CA36-44CB-A6DF-F606054810F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {AB0271DC-56FD-4E60-9736-27C7F8352BD5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B632384E-75AF-42CF-AC99-DC3FD79444C8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB4C5240-20EA-49F4-8BE7-DD54CF224EC1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3B44715-8D3E-421D-AAF7-1E045D60FD32} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {CAA38E66-EE39-4BAD-BC4E-223BDF7115C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {CE459449-7916-4520-82FD-1CA3BEDBAF59} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D62CE1AC-BEFA-47D3-B072-8456A73E7580} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB0C38AC-DF21-468F-8EAD-A3150262235A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1A56149-6789-4302-87E9-7127BF042360} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {EE4789DF-F8FC-462E-880F-18F89301E735} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {F458B2EC-2DD4-4000-B484-7FA92D388177} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {F6FFFD45-918B-419D-949D-47D3E68299D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F70039F0-F981-419B-A091-4C0A782189D7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB144CDC-5C6E-4F92-B111-CCCFB208BA53} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FE176BA9-57C8-484A-990F-623A5A1B76B5} - System32\Tasks\{9DFDA5E4-7415-4066-919C-AB3A60C786D6} => C:\windows\system32\pcalua.exe -a F:\setup.exe -d F:\
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Ningún archivo
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Ningún archivo
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
CHR HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lkeklglhcgdafkfiiagmabcogjapcklc] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodecCR10.crx <no encontrado>
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
U3 idsvc; no ImagePath
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo YA desde el modo normal de windows y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola Javier:

He seguido las instrucciones sin problema hasta entrar en Modo Seguro. Cuando hago WINDOWS+R y ejecuto FRST.exe me dice que Windows no encuentra ese archivo!

Dos cuestiones:

  • A ver, el Farbar Recovery Scan Tool que yo descargué al escritorio me ha generado un icono llamado “FRST64”, no “FRST”. Supongo que es por eso… Me bajé la que corresponde a mi SO.

  • A riesgo de parecer (aún más :poop: ) lerdo, el archivo generado desde el notepad le he llamado “FIXLIST”, no “FIXLIST.TXT”. Entiendo que el “.TXT” es la extensión y no hay que escribirlo… ¿Digo bien? :roll_eyes:

Me espero a tus nuevas instrucciones. :wink:

Un saludo de sábado tarde confinado ! h .

Hola.

Creo que te estas liando, cuando haces Win + R es para ejecutar el Notepad.exe y guardar el archivo de nombre FIXLIST.txt con el script que te puse.

Cuando YA hayas guardado el fichero(en el escritorio) debes ejecutar la herramienta FRST.exe(en tu caso FRST64.exe) y esta herramienta se ejecuta directamente haciendo doble click sobre ella.

Cuando ya tengas la ventana visible de la herramienta será cuando pulsas en el botón de “Corregir/FIX”.

Prueba y nos comentas.

Saludos.

Hola javier:

Si, me había liado por intentar seguir todo al pie de la letra. Aquí pego el report:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por User (11-04-2020 20:33:21) Run:1
Ejecutado desde C:\Users\User\Desktop
Perfiles cargados: User (Perfiles disponibles: postgres & User)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Avira (HKLM-x32\...\{CAB70370-888E-4D62-B5D5-DA7982585C46}) (Version: 1.2.145.25926 - Avira Operations GmbH & Co. KG) Hidden
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> Ningún archivo
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => -> Ningún archivo
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Ningún archivo
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> Ningún archivo
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.exe: => <==== ATENCIÓN
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.scr: AutoCADScriptFile =>
HKLM-x32\...\Run: [Avira SystrayStartTrigger] 
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
2020-04-10 08:58 - 2020-04-10 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-03-22 12:53 - 2017-06-04 19:38 - 000000000 ____D C:\Program Files (x86)\Avira
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [239520 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {10D13113-701A-429E-AE84-BDAAE60579DE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {19811490-9616-4145-92A1-9DA827AE330D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19843BB1-4933-449B-AD81-35BBA35DB661} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {1BBBA979-9ED6-4430-A80D-3F3578CC7E52} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {1F577696-A29B-42A6-B587-88A56D2767AB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {21948F0C-16B2-49AF-BDA8-B462711DB4F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F45BE10-803A-48C0-BF92-20BB42D62051} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {40CBD30F-1DDB-46F6-8E12-EEAE43FAB5DC} - System32\Tasks\{6246BB74-DE77-4713-94E5-56115267BB3F} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light\Start.exe -d C:\Users\owner\Downloads\TACHOMATT_Yellow_2.9.11.0_Light
Task: {461E8C6B-AC23-4269-AABD-6C383C837A31} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B2AF45E-9874-4C24-AC3A-E7A1F18319E6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {599B7BA1-983E-4E7C-8F39-90347972AE8B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72B5B194-D569-422A-8A8A-77B05C75AA94} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {7400A084-9AB4-4588-9271-54FB164A639F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A30EBBE-0B79-4630-80A2-EAE59340DEFB} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {84112955-857C-4345-B2B7-CEF22C8D9569} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BC03BB6-8F21-4F85-A37A-EC0F4D3D70BB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8CB3E442-3A6A-40EE-9681-C42D7445E085} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9BA44EF8-A33C-4D16-89BC-18BD8E118F15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {9CD35450-CCEE-44F9-A5DD-D02392DA3132} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9E460417-6BEC-4231-9B3C-48B2182FE11D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A15EE7CF-3242-4FA7-B0D1-8A3B3C3CF6E4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {A194E4F2-76D2-49ED-94FF-1034EED18AE2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA31D1B1-CA36-44CB-A6DF-F606054810F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {AB0271DC-56FD-4E60-9736-27C7F8352BD5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B632384E-75AF-42CF-AC99-DC3FD79444C8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB4C5240-20EA-49F4-8BE7-DD54CF224EC1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3B44715-8D3E-421D-AAF7-1E045D60FD32} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {CAA38E66-EE39-4BAD-BC4E-223BDF7115C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {CE459449-7916-4520-82FD-1CA3BEDBAF59} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D62CE1AC-BEFA-47D3-B072-8456A73E7580} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB0C38AC-DF21-468F-8EAD-A3150262235A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E1A56149-6789-4302-87E9-7127BF042360} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {EE4789DF-F8FC-462E-880F-18F89301E735} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {F458B2EC-2DD4-4000-B484-7FA92D388177} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {F6FFFD45-918B-419D-949D-47D3E68299D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F70039F0-F981-419B-A091-4C0A782189D7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB144CDC-5C6E-4F92-B111-CCCFB208BA53} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FE176BA9-57C8-484A-990F-623A5A1B76B5} - System32\Tasks\{9DFDA5E4-7415-4066-919C-AB3A60C786D6} => C:\windows\system32\pcalua.exe -a F:\setup.exe -d F:\
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Ningún archivo
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Ningún archivo
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [Ningún archivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc. -> Oracle Corporation)
CHR HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lkeklglhcgdafkfiiagmabcogjapcklc] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodecCR10.crx <no encontrado>
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
U3 idsvc; no ImagePath
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
S3 IUProcessFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [X]
S3 IURegistryFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAB70370-888E-4D62-B5D5-DA7982585C46}\\SystemComponent" => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\GDContextMenu => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\GDContextMenu => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => eliminado correctamente
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.exe => eliminado correctamente
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\AutoCADScriptFile => eliminado correctamente
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Classes\.scr => eliminado correctamente
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HKLM-x32\...\Run: [Avira SystrayStartTrigger]" => no encontrado
Avira.ServiceHost => servicio no encontrado.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira => movido correctamente
C:\Program Files (x86)\Avira => movido correctamente
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Avira SystrayStartTrigger" => eliminado correctamente
"HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => eliminado correctamente
"HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #1" => eliminado correctamente
"HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => eliminado correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10D13113-701A-429E-AE84-BDAAE60579DE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D13113-701A-429E-AE84-BDAAE60579DE}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19811490-9616-4145-92A1-9DA827AE330D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19811490-9616-4145-92A1-9DA827AE330D}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19843BB1-4933-449B-AD81-35BBA35DB661}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19843BB1-4933-449B-AD81-35BBA35DB661}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_User => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_User" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BBBA979-9ED6-4430-A80D-3F3578CC7E52}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BBBA979-9ED6-4430-A80D-3F3578CC7E52}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F577696-A29B-42A6-B587-88A56D2767AB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F577696-A29B-42A6-B587-88A56D2767AB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21948F0C-16B2-49AF-BDA8-B462711DB4F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21948F0C-16B2-49AF-BDA8-B462711DB4F7}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F45BE10-803A-48C0-BF92-20BB42D62051}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F45BE10-803A-48C0-BF92-20BB42D62051}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40CBD30F-1DDB-46F6-8E12-EEAE43FAB5DC}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40CBD30F-1DDB-46F6-8E12-EEAE43FAB5DC}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{6246BB74-DE77-4713-94E5-56115267BB3F} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6246BB74-DE77-4713-94E5-56115267BB3F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{461E8C6B-AC23-4269-AABD-6C383C837A31}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{461E8C6B-AC23-4269-AABD-6C383C837A31}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B2AF45E-9874-4C24-AC3A-E7A1F18319E6}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B2AF45E-9874-4C24-AC3A-E7A1F18319E6}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{599B7BA1-983E-4E7C-8F39-90347972AE8B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{599B7BA1-983E-4E7C-8F39-90347972AE8B}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72B5B194-D569-422A-8A8A-77B05C75AA94}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72B5B194-D569-422A-8A8A-77B05C75AA94}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7400A084-9AB4-4588-9271-54FB164A639F}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7400A084-9AB4-4588-9271-54FB164A639F}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A30EBBE-0B79-4630-80A2-EAE59340DEFB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A30EBBE-0B79-4630-80A2-EAE59340DEFB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84112955-857C-4345-B2B7-CEF22C8D9569}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84112955-857C-4345-B2B7-CEF22C8D9569}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8BC03BB6-8F21-4F85-A37A-EC0F4D3D70BB}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BC03BB6-8F21-4F85-A37A-EC0F4D3D70BB}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CB3E442-3A6A-40EE-9681-C42D7445E085}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB3E442-3A6A-40EE-9681-C42D7445E085}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\StartRecording => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BA44EF8-A33C-4D16-89BC-18BD8E118F15}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BA44EF8-A33C-4D16-89BC-18BD8E118F15}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CD35450-CCEE-44F9-A5DD-D02392DA3132}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CD35450-CCEE-44F9-A5DD-D02392DA3132}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E460417-6BEC-4231-9B3C-48B2182FE11D}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E460417-6BEC-4231-9B3C-48B2182FE11D}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A15EE7CF-3242-4FA7-B0D1-8A3B3C3CF6E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A15EE7CF-3242-4FA7-B0D1-8A3B3C3CF6E4}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A194E4F2-76D2-49ED-94FF-1034EED18AE2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A194E4F2-76D2-49ED-94FF-1034EED18AE2}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA31D1B1-CA36-44CB-A6DF-F606054810F2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA31D1B1-CA36-44CB-A6DF-F606054810F2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB0271DC-56FD-4E60-9736-27C7F8352BD5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB0271DC-56FD-4E60-9736-27C7F8352BD5}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B632384E-75AF-42CF-AC99-DC3FD79444C8}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B632384E-75AF-42CF-AC99-DC3FD79444C8}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB4C5240-20EA-49F4-8BE7-DD54CF224EC1}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB4C5240-20EA-49F4-8BE7-DD54CF224EC1}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3B44715-8D3E-421D-AAF7-1E045D60FD32}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3B44715-8D3E-421D-AAF7-1E045D60FD32}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAA38E66-EE39-4BAD-BC4E-223BDF7115C2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAA38E66-EE39-4BAD-BC4E-223BDF7115C2}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE459449-7916-4520-82FD-1CA3BEDBAF59}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE459449-7916-4520-82FD-1CA3BEDBAF59}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D62CE1AC-BEFA-47D3-B072-8456A73E7580}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D62CE1AC-BEFA-47D3-B072-8456A73E7580}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB0C38AC-DF21-468F-8EAD-A3150262235A}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB0C38AC-DF21-468F-8EAD-A3150262235A}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1A56149-6789-4302-87E9-7127BF042360}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1A56149-6789-4302-87E9-7127BF042360}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE4789DF-F8FC-462E-880F-18F89301E735}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE4789DF-F8FC-462E-880F-18F89301E735}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F458B2EC-2DD4-4000-B484-7FA92D388177}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F458B2EC-2DD4-4000-B484-7FA92D388177}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6FFFD45-918B-419D-949D-47D3E68299D0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6FFFD45-918B-419D-949D-47D3E68299D0}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F70039F0-F981-419B-A091-4C0A782189D7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F70039F0-F981-419B-A091-4C0A782189D7}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB144CDC-5C6E-4F92-B111-CCCFB208BA53}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB144CDC-5C6E-4F92-B111-CCCFB208BA53}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE176BA9-57C8-484A-990F-623A5A1B76B5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE176BA9-57C8-484A-990F-623A5A1B76B5}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\{9DFDA5E4-7415-4066-919C-AB3A60C786D6} => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DFDA5E4-7415-4066-919C-AB3A60C786D6}" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => eliminado correctamente
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => eliminado correctamente
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => eliminado correctamente
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll => movido correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa2,version=2.0.0 => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-04] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-04] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll => movido correctamente
HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lkeklglhcgdafkfiiagmabcogjapcklc => eliminado correctamente
Avira.ServiceHost => servicio no encontrado.
HKLM\System\CurrentControlSet\Services\idsvc => eliminado correctamente
idsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\IUFileFilter => eliminado correctamente
IUFileFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\IUProcessFilter => eliminado correctamente
IUProcessFilter => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\IURegistryFilter => eliminado correctamente
IURegistryFilter => servicio eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3742950191-1254833018-3493267202-1186\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34246647 B
Java, Flash, Steam htmlcache => 763 B
Windows/system/drivers => 178153172 B
Edge => 48762 B
Chrome => 410693429 B
Firefox => 21518702 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 12824 B
Users => 12824 B
ProgramData => 12824 B
Public => 12824 B
systemprofile => 12824 B
systemprofile32 => 12824 B
LocalService => 77264 B
NetworkService => 101078 B
postgres => 107246 B
User => 256520035 B
DefaultAppPool => 256526203 B

RecycleBin => 9738597173 B
EmptyTemp: => 10.2 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 20:35:00 ====

Al reiniciar en modo normal, el comportamiento descrito en el primer mensaje se mantiene. Continnua yendo todo extrañamente lento. Abrir un explorador le sigue llevando el 1min20 como antes. Abrir el .txt del report fueron 5 segundos! :thinking: :rofl:

De momento voy a poner un ajo al lado, pero si se te ocurre más artillería lo probamos. :face_with_hand_over_mouth:

MIL GRACIAS de nuevo !!!

h .

Bien… pues ahora pasemos a verificar como tienes el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda :arrow_right: ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

Buenos días Javier:

He realizado el proceso indicado. Mencionar que en Visor de eventos/ Registros de Windows / Aplicación, con el indicador 1001 me aparecen 17 archivos. El que pego a continuación es el que corresponde con la fecha de inicio del análisis.

Nombre de registro:Application
Origen:        Windows Error Reporting
Fecha:         11/04/2020 21:31:20
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        owner-PC
Descripción:
Depósito con errores 1249547017542016187, tipo 5
Nombre de evento: MoAppCrash
Respuesta: No disponible
Identificador de archivo .cab: 0

Firma del problema:
P1: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
P2: praid:CortanaUI
P3: 10.0.18362.418
P4: 5d995690
P5: combase.dll
P6: 10.0.18362.356
P7: 7b512025
P8: 800703e7
P9: 000000000002f4ea
P10: 

Archivos adjuntos:
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA3F.tmp.dmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERCFF.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD4E.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD5C.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD9B.tmp.txt

Es posible que estos archivos estén disponibles aquí:
\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Window_3946d145acf1198442e4093d7c398594e6ea49_10dd1105_0d7e9cf9-cab3-4da5-8144-7116cae61980

Símbolo de análisis: 
Nueva búsqueda de una solución: 0
Id. de informe: fe81110f-13a4-47c5-a729-f30bd4e40c6a
Estado del informe: 268435456
Depósito con algoritmo hash: d522d1dcba4c52be915748645ebd9cbb
GUID de archivo .cab: 0
XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Windows Error Reporting" />
    <EventID Qualifiers="0">1001</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2020-04-11T19:31:20.544348300Z" />
    <EventRecordID>2717</EventRecordID>
    <Channel>Application</Channel>
    <Computer>owner-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>1249547017542016187</Data>
    <Data>5</Data>
    <Data>MoAppCrash</Data>
    <Data>No disponible</Data>
    <Data>0</Data>
    <Data>Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy</Data>
    <Data>praid:CortanaUI</Data>
    <Data>10.0.18362.418</Data>
    <Data>5d995690</Data>
    <Data>combase.dll</Data>
    <Data>10.0.18362.356</Data>
    <Data>7b512025</Data>
    <Data>800703e7</Data>
    <Data>000000000002f4ea</Data>
    <Data>
    </Data>
    <Data>
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERA3F.tmp.dmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERCFF.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD4E.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD5C.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERD9B.tmp.txt</Data>
    <Data>\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Window_3946d145acf1198442e4093d7c398594e6ea49_10dd1105_0d7e9cf9-cab3-4da5-8144-7116cae61980</Data>
    <Data>
    </Data>
    <Data>0</Data>
    <Data>fe81110f-13a4-47c5-a729-f30bd4e40c6a</Data>
    <Data>268435456</Data>
    <Data>d522d1dcba4c52be915748645ebd9cbb</Data>
    <Data>0</Data>
  </EventData>
</Event>

Ahora el explorador de Windows ha tardado 30 segundos en aparecer. Ya es un avance!

Buen domingo y enésimas gracias. :upside_down_face: h .

Hola.

El informe que has puesto NO es el que deberias poner, fijate en el contenido del informe que figura en el tema que te puse de ayuda :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Busca el que sea igual de contenido y se corresponda en hora/fecha ± al momento de volver a entrar en windows.

Saludos.

Hola Javier:

Pues ahora si que me he perdido. De odas las entradas 1001 que tengo, 16 tienen “Origen: Windows Error Reporting” y una tiene “Origen:LoadPerf”, pero ninguna tiene “Origen: Wininit”.

:roll_eyes: :flushed:

¿Que puedo estar haciendo mal?

h .

Hola.

Cuando REINICIASTE, después de lanzar el proceso con el archivo BAT, el equipo te salio una pantalla similar a esta :

Y cuánto tiempo estuvo el proceso operativo…??

Buenos dias:

Si, salió esa misma pantalla y estuvo varias horas analizando. Lo puse antes de cenar y viendo que tardaba me acosté y lo dejé haciendo. Al día siguiente estaba en una pantalla que preguntaba varias opciones, entre ellas reiniciar, que fue lo que hice. ¿Puede que eligiera mal ahí la opción? ¿Repito el proceso?

h .