Pc infectada. Parece un muestrario de porquerías

Buenas tardes. Tengo un problema con la PC de mi hija que no tiene la más mínima noción para realizar alguna acción para arreglar su PC y espero puedan ayudarla. Tiene una máquina nueva, cuando la compró le aconsejé que descargue el CCleaner, el Malwarebytes y el Avast para proteger la misma. Se ve que su niño de 13 años se dedicó a descargar juegos piratas y cuando no pudo cargar algo desinstaló el antivirus. Anoche mi hija intentó ver una película en Netflix y se abrían ventanas por todos lados y todo era un caos. Le aconsejé instalar el Rkill renombrado iExplorer.exe en el escritorio y luego de ejecutarlo pasara el Malwarebytes donde le salieron más de 350 infecciones o no se como llamarlas y las mandó a cuarentena. Luego le aconsejé que instale Kaspersky Free y no lograba instalarlo, daba error cuando llegaba al 40% de la instalación. Así que le dije que lo instale en el modo a prueba de fallos. Ahí lo instaló y lo ejecutó. Espero no haberle hecho meter la pata pero acá termina mi conocimiento sobre el tema. Les mando el detalle del análisis porque no entiendo si eliminó todo, me parece que no… La PC quedó ahí u a prueba de fallos porque mejor no tocar más nada hasta que alguien que sepa del tema nos e su opinión. Les paso el detalle del análisis:

14.06.2019 15.36.40	Análisis completo	Tarea completada	Hora de finalización: Hoy, 14/06/2019 03:36 p. m.
14.06.2019 15.36.40	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Permitido por el usuario
14.06.2019 15.36.40	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip	Archivo: D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip	Nombre del objeto: not-a-virus:UDS:RiskTool.Win32.ProcHack	Motivo: Permitido por el usuario
14.06.2019 15.36.40	Objeto (archivo) detectado	D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip	Archivo: D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip	Nombre del objeto: not-a-virus:UDS:RiskTool.Win32.ProcHack
14.06.2019 15.36.40	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Permitido por el usuario
14.06.2019 15.36.39	Se eliminó un objeto detectado (archivo)	D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Archivo: D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 15.36.38	Se movió a Cuarentena un objeto detectado (archivo)	D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Archivo: D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 15.25.40	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Permitido por el usuario
14.06.2019 15.25.39	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen	Motivo: Permitido por el usuario
14.06.2019 15.25.37	Se eliminó un objeto detectado (archivo)	D:\Users\Jose\Documents\aresregular209.exe	Archivo: D:\Users\Jose\Documents\aresregular209.exe	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen
14.06.2019 15.24.35	Objeto (archivo) detectado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//ALERT.DLL	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//ALERT.DLL	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen
14.06.2019 15.24.34	Objeto (archivo) detectado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TBEDRS.DLL	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TBEDRS.DLL	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen
14.06.2019 15.24.33	Se movió a Cuarentena un objeto detectado (archivo)	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen
14.06.2019 15.24.09	Se eliminó un objeto detectado (archivo)	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe	Nombre del objeto: HackTool.MSIL.KMSAuto.dh
14.06.2019 15.22.42	Se movió a Cuarentena un objeto detectado (archivo)	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Nombre del objeto: HackTool.MSIL.KMSAuto.dh
14.06.2019 15.22.40	Se eliminó un objeto detectado (archivo)	C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Archivo: C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 15.22.40	Se movió a Cuarentena un objeto detectado (archivo)	C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Archivo: C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 15.01.18	Se eliminó un objeto detectado (archivo)	C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Archivo: C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Nombre del objeto: Backdoor.Win32.Mokes.agoy
14.06.2019 15.01.17	Se movió a Cuarentena un objeto detectado (archivo)	C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Archivo: C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Nombre del objeto: Backdoor.Win32.Mokes.agoy
14.06.2019 15.01.15	Objeto (archivo) no procesado	C:\Windows\SECOH-QAD.dll	Archivo: C:\Windows\SECOH-QAD.dll	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Permitido por el usuario
14.06.2019 15.01.15	Se eliminó un objeto detectado (archivo)	C:\Users\Jose\AppData\Local\lobby.dat	Archivo: C:\Users\Jose\AppData\Local\lobby.dat	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Linkury.gen
14.06.2019 15.01.15	Se movió a Cuarentena un objeto detectado (archivo)	C:\Users\Jose\AppData\Local\lobby.dat	Archivo: C:\Users\Jose\AppData\Local\lobby.dat	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Linkury.gen
14.06.2019 15.01.07	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Permitido por el usuario
14.06.2019 15.01.06	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Permitido por el usuario
14.06.2019 15.01.05	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Permitido por el usuario
14.06.2019 14.58.32	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Pospuesto
14.06.2019 14.58.32	Objeto (archivo) detectado	D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
14.06.2019 14.58.06	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Pospuesto
14.06.2019 14.58.06	Objeto (archivo) detectado	D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Archivo: D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip//ProcessHacker.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
14.06.2019 14.57.52	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Archivo: D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen	Motivo: Pospuesto
14.06.2019 14.57.52	Objeto (archivo) detectado	D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Archivo: D:\Users\Jose\Downloads\jak xdxd - AxXxel.rar//jak xdxd\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 14.56.17	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Pospuesto
14.06.2019 14.56.17	Objeto (archivo) detectado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
14.06.2019 14.52.46	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen	Motivo: Pospuesto
14.06.2019 14.52.46	Objeto (archivo) detectado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen
14.06.2019 14.48.05	Objeto (archivo) no procesado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//ALERT.DLL	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//ALERT.DLL	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen	Motivo: Pospuesto
14.06.2019 14.48.04	Objeto (archivo) no procesado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TBEDRS.DLL	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TBEDRS.DLL	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen	Motivo: Pospuesto
14.06.2019 14.47.58	Objeto (archivo) no procesado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen	Motivo: Pospuesto
14.06.2019 14.47.58	Objeto (archivo) detectado	D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Archivo: D:\Users\Jose\Documents\aresregular209.exe//WISE0008.BIN//TOOLBARHELPER.EXE	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Conduit.gen
14.06.2019 14.45.40	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 14.45.39	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 14.45.39	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 14.45.38	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003	Nombre del objeto: UDS:HackTool.MSIL.KMSAuto.di	Motivo: Pospuesto
14.06.2019 14.45.38	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003	Nombre del objeto: UDS:HackTool.MSIL.KMSAuto.di
14.06.2019 14.45.37	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 14.45.37	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 14.45.37	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 14.45.36	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Nombre del objeto: HackTool.MSIL.KMSAuto.dh	Motivo: Pospuesto
14.06.2019 14.45.30	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 14.45.30	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat
14.06.2019 14.45.30	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 14.45.30	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a
14.06.2019 14.45.28	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 14.45.28	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0004//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a
14.06.2019 14.45.27	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 14.45.27	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0035.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat
14.06.2019 14.45.27	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 14.45.27	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0034.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a
14.06.2019 14.45.26	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 14.45.26	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0003//data0032.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a
14.06.2019 14.45.24	Objeto (archivo) no procesado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Nombre del objeto: HackTool.MSIL.KMSAuto.dh	Motivo: Pospuesto
14.06.2019 14.45.24	Objeto (archivo) detectado	D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Archivo: D:\KMSpico 10.2.0.rar//KMSpico 10.2.0\KMSpico 10.2.0\KMSpico_setup.exe//data0000	Nombre del objeto: HackTool.MSIL.KMSAuto.dh
14.06.2019 14.20.16	Objeto (archivo) no procesado	C:\Windows\SECOH-QAD.dll	Archivo: C:\Windows\SECOH-QAD.dll	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 14.20.16	Objeto (archivo) detectado	C:\Windows\SECOH-QAD.dll	Archivo: C:\Windows\SECOH-QAD.dll	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a
14.06.2019 14.01.06	Objeto (archivo) no procesado	C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Archivo: C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen	Motivo: Pospuesto
14.06.2019 14.01.06	Objeto (archivo) detectado	C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Archivo: C:\Users\Jose\AppData\Roaming\.minecraft\versions\huzuni\huzuni.jar	Nombre del objeto: HEUR:Trojan.Java.Agent.gen
14.06.2019 13.57.40	Objeto (archivo) no procesado	C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Archivo: C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Nombre del objeto: Backdoor.Win32.Mokes.agoy	Motivo: Pospuesto
14.06.2019 13.57.40	Objeto (archivo) detectado	C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Archivo: C:\Users\Jose\AppData\Local\Temp\Discord Crashes\1khcfxn4.sge\DiskProtect10086\cdplayerassistv10.exe	Nombre del objeto: Backdoor.Win32.Mokes.agoy
14.06.2019 13.52.58	Objeto (archivo) no procesado	C:\Users\Jose\AppData\Local\lobby.dat	Archivo: C:\Users\Jose\AppData\Local\lobby.dat	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Linkury.gen	Motivo: Pospuesto
14.06.2019 13.52.58	Objeto (archivo) detectado	C:\Users\Jose\AppData\Local\lobby.dat	Archivo: C:\Users\Jose\AppData\Local\lobby.dat	Nombre del objeto: not-a-virus:HEUR:AdWare.Win32.Linkury.gen
14.06.2019 13.19.37	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 13.19.37	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 13.19.34	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 13.08.13	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat	Motivo: Pospuesto
14.06.2019 13.08.13	Objeto (archivo) detectado	C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0011.res	Nombre del objeto: not-a-virus:RiskTool.Win32.ProcPatcher.aat
14.06.2019 13.08.12	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a	Motivo: Pospuesto
14.06.2019 13.08.12	Objeto (archivo) detectado	C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0010.res	Nombre del objeto: not-a-virus:RiskTool.Win64.ProcPatcher.a
14.06.2019 13.08.10	Objeto (archivo) no procesado	C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a	Motivo: Pospuesto
14.06.2019 13.08.10	Objeto (archivo) detectado	C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Archivo: C:\Program Files\KMSpico\Service_KMS.exe//data0008.res	Nombre del objeto: not-a-virus:NetTool.Win64.RPCHook.a
14.06.2019 13.05.46	Análisis completo	Tarea iniciada	Hora: Hoy, 14/06/2019 01:05 p. m.

Muchísimas gracias por su tiempo, espero puedan ayudar con este lío. Saludos

Hola @Marita4142

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden (los programas que ya tenga, no hace falta que los descargue)

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes >> Informe de análisis encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Hola Daniela:

Según lo que indicaste hice un análisis con Malwarebytes y duró 4 minutos y no detectó nada. Luego hice un personalizado por las dudas y duró como 8 hs y tampoco produjo ninguna novedad. Se ve que está´mejorando porque la primera vez que lo pasé dio más de 320 elementos maliciosos detectados. Te paso el informe: -Información del sistema- SO: Windows 10 (Build 17134.829) CPU: x64 Sistema de archivos: NTFS Usuario: DESKTOP\Jose

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 808437
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 8 hr, 52 min, 2 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Y este es el informe del AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-15-2019
# Duration: 00:00:25
# OS:       Windows 10 Pro
# Scanned:  27501
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [3210 octets] - [13/06/2019 18:29:46]
AdwCleaner[C00].txt - [2996 octets] - [13/06/2019 18:33:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Todos los análisis los hice a prueba de errores porque no me permite hacerlo de otra manera porque los análisis se cortan y dan error.

Luego reinicie el equipo en forma normal y da el siguiente error, te mando la imágen:

Muchísimas gracias por tu ayuda que or lo visto sigo necesitando. Saludos.

Hola

Desactiva temporalmente tu antivirus.

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola Daniela muchísimas gracias por seguir ayudando en else probema. Te mando los reportes:

Reporte Frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019
Ran by Jose (administrator) on DESKTOP (Gigabyte Technology Co., Ltd. H110M-H) (15-06-2019 17:10:39)
Running from d:\Users\Jose\Downloads
Loaded Profiles: Jose (Available Profiles: Jose & Administrador)
Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jose\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jose\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jose\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jose\AppData\Local\Discord\app-0.0.305\Discord.exe
(FACE IT LIMITED -> FACEIT Ltd.) C:\Users\Jose\AppData\Local\FACEITApp\app-1.22.5\FACEIT.exe
(FACE IT LIMITED -> FACEIT Ltd.) C:\Users\Jose\AppData\Local\FACEITApp\app-1.22.5\FACEIT.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Speech\Common\sapisvr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [EPSON T24 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFAB.EXE [223232 2008-09-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [FACEIT] => C:\Users\Jose\AppData\Local\FACEITApp\update.exe [2204616 2019-06-11] (FACE IT LIMITED -> )
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-05-20] (Google LLC -> Google Inc.)
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\WINDOWS\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-09] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe

==================== Scheduled Tasks (Whitelisted) ============= 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {56355CDC-8BDD-4CEA-9DD5-0C7DE742A51A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {58E062A4-9C8E-4463-B8E4-A4732356B7B6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {61FC2AF5-1435-492A-8581-A9529FFDA38B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6375B928-19C5-4041-986C-804891EFBCF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D396638-9B80-4FD2-83DD-660BE2735B1E} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3685360 2015-06-04] (Nero AG -> Nero AG)
Task: {8EB2BABB-93A9-41C3-B491-B3C162C6DF5A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {AEDA5978-966D-45EE-ACD5-CB99CA2B95E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-28] (Google Inc -> Google Inc.)
Task: {B482FA9F-8392-45C9-90C6-3D81F464F39F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-28] (Google Inc -> Google Inc.)
Task: {CF22A0AF-C5CB-4895-9F42-C82E5D9ACA8A} - System32\Tasks\Opera scheduled Autoupdate 1543404976 => C:\Users\Jose\AppData\Local\Programs\Opera\launcher.exe [1367640 2018-10-22] (Opera Software AS -> Opera Software)
Task: {F85D5B5E-B708-4707-A997-66F6D7CE4829} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FDBB9AA8-C638-41BD-ABCE-963F8D2A4847} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{c817ed67-3328-4fc7-b7a8-7d99545bb9ca}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{e869aa51-cd84-484a-a51e-e9e564e87074}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-324268131-322235690-2907400536-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-324268131-322235690-2907400536-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-324268131-322235690-2907400536-1002 -> hxxp://www.google.com

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-06-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2018-06-28] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2018-06-28] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG -> Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default [2019-06-15]
CHR Extension: (Presentaciones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29]
CHR Extension: (Documentos) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29]
CHR Extension: (Google Drive) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29]
CHR Extension: (Paladín Oscuro) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjmglfpabdmibpdgninhjfiopdjigpo [2019-06-14]
CHR Extension: (Social Blade) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2019-04-23] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (Adobe Acrobat) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-10]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Discord Screen Sharing) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbhdgefieegnkbopmgklhlpjjdgmbog [2018-09-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-29]
CHR Extension: (Gmail) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Profile: C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-13]
CHR Profile: C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-14]
CHR Extension: (Presentaciones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-06-13]
CHR Extension: (Documentos) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-22]
CHR Extension: (Google Drive) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-22]
CHR Extension: (YouTube) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-13]
CHR Extension: (Hojas de cálculo) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-05]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-22]
CHR Extension: (Gmail) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-13]
CHR Profile: C:\Users\Jose\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-14]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-324268131-322235690-2907400536-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-06-04] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit Information Technology -> IObit)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703584 2011-09-16] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 NovaPdf9Server; C:\Program Files\Softland\novaPDF 9\Server\novapdfs.exe [56248 2018-04-17] (Softland SRL -> Microsoft)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-02-27] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 71d1998346e5cea1; C:\WINDOWS\system32\drivers\71d1998346e5cea1.sys [30912 2019-06-12] (BlockChain Advances Ltd -> FsFilter Network)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET, spol. s r.o. -> ESET)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16111992 2019-05-30] (FACE IT LIMITED -> )
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit Information Technology -> IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit Information Technology -> IObit.com)
S3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [32360 2016-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [125568 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197464 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-15] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6831056 2017-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [45408 2018-01-10] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Continúa reporte Frst.txt

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-15 17:10 - 2019-06-15 17:10 - 000000000 ____D C:\FRST
2019-06-15 14:05 - 2019-06-15 14:05 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-15 14:05 - 2019-06-15 14:05 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-06-14 12:41 - 2019-06-14 12:41 - 000000000 ____D C:\WINDOWS\SysWOW64\%Data%
2019-06-14 11:54 - 2019-06-14 11:54 - 000302368 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2019-06-14 11:52 - 2019-06-14 11:52 - 000245272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2019-06-14 11:52 - 2019-06-14 11:52 - 000198768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2019-06-14 11:52 - 2019-06-14 11:52 - 000116104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2019-06-14 11:52 - 2019-06-14 11:52 - 000099152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2019-06-14 11:52 - 2019-06-14 11:52 - 000001270 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-06-14 11:52 - 2019-06-14 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-06-14 11:51 - 2019-06-14 11:51 - 000002125 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-06-14 11:51 - 2019-06-14 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-06-14 11:51 - 2019-06-14 11:51 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-06-14 11:51 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2019-06-14 11:50 - 2019-06-14 12:12 - 001168000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-06-14 11:50 - 2019-06-14 12:12 - 000236672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2019-06-14 11:50 - 2019-06-14 12:11 - 001093248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2019-06-14 11:50 - 2019-06-14 12:08 - 000152288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2019-06-14 11:31 - 2019-06-14 11:31 - 000001086 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-06-14 11:31 - 2019-06-14 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-06-14 11:31 - 2019-06-14 11:31 - 000000000 ____D C:\Program Files\VS Revo Group
2019-06-14 09:58 - 2019-06-14 09:58 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-13 19:43 - 2019-06-15 17:08 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-06-13 19:38 - 2019-06-14 11:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-06-13 18:58 - 2019-06-13 18:58 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\27355592.sys
2019-06-13 18:57 - 2019-06-14 17:40 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2019-06-13 18:57 - 2019-06-13 20:27 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-06-13 18:23 - 2019-06-13 18:31 - 000000000 ____D C:\AdwCleaner
2019-06-13 17:46 - 2019-06-13 17:46 - 000000000 ____D C:\Users\Jose\AppData\Local\mbam
2019-06-13 17:45 - 2019-06-13 18:11 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-13 17:45 - 2019-06-13 17:45 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-13 17:45 - 2019-06-13 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-13 17:45 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-12 19:18 - 2019-06-12 19:18 - 000000000 ____D C:\Users\Jose\AppData\Roaming\Mozilla
2019-06-12 19:17 - 2019-06-12 19:17 - 000030912 _____ (FsFilter Network) C:\WINDOWS\system32\Drivers\71d1998346e5cea1.sys
2019-06-12 19:17 - 2019-06-12 19:17 - 000000000 ____D C:\ProgramData\Pader
2019-06-12 19:16 - 2019-06-12 19:18 - 000722944 _____ C:\Users\Jose\AppData\Local\sha.db
2019-06-12 19:16 - 2019-06-12 19:16 - 000466944 _____ (PetGame) C:\Users\Jose\AppData\Local\PetGame.exe
2019-06-12 19:16 - 2019-06-12 19:16 - 000140800 _____ C:\Users\Jose\AppData\Local\installer.dat
2019-06-12 19:16 - 2019-06-12 19:16 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2019-06-11 19:31 - 2019-06-07 08:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-11 19:31 - 2019-06-07 07:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-11 19:31 - 2019-06-07 07:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-11 19:31 - 2019-06-07 07:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-11 19:31 - 2019-06-07 07:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-11 19:31 - 2019-06-07 07:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-11 19:31 - 2019-06-07 07:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-11 19:31 - 2019-06-07 07:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-11 19:31 - 2019-06-07 03:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-11 19:31 - 2019-06-07 02:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-11 19:31 - 2019-06-07 02:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-11 19:31 - 2019-06-07 02:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-11 19:31 - 2019-06-07 02:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-11 19:31 - 2019-06-07 02:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-11 19:31 - 2019-06-07 02:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-11 19:31 - 2019-06-07 02:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-11 19:31 - 2019-06-07 02:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-11 19:31 - 2019-06-07 02:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-11 19:31 - 2019-06-07 02:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-11 19:31 - 2019-06-07 02:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-11 19:31 - 2019-06-07 02:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-11 19:31 - 2019-06-07 02:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-11 19:31 - 2019-06-07 02:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-11 19:31 - 2019-06-07 02:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-11 19:31 - 2019-06-07 02:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-11 19:31 - 2019-06-07 02:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-11 19:31 - 2019-06-07 02:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-11 19:31 - 2019-06-07 02:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-11 19:31 - 2019-06-07 02:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-11 19:31 - 2019-06-07 02:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-11 19:31 - 2019-06-07 02:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-11 19:31 - 2019-06-07 02:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-11 19:31 - 2019-06-07 02:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-11 19:31 - 2019-06-07 02:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-11 19:31 - 2019-06-07 02:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-11 19:31 - 2019-06-07 02:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-11 19:31 - 2019-06-07 02:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-11 19:31 - 2019-06-07 02:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-11 19:31 - 2019-06-07 02:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-11 19:31 - 2019-06-07 02:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-11 19:31 - 2019-06-07 02:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-11 19:31 - 2019-06-07 02:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-11 19:31 - 2019-06-07 02:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-11 19:31 - 2019-06-07 02:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-11 19:31 - 2019-06-07 02:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-11 19:31 - 2019-06-07 02:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-11 19:31 - 2019-05-17 09:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-11 19:31 - 2019-05-17 09:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-11 19:31 - 2019-05-17 09:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-11 19:31 - 2019-05-17 09:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-11 19:31 - 2019-05-17 09:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-11 19:31 - 2019-05-17 09:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-11 19:31 - 2019-05-17 09:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-11 19:31 - 2019-05-17 09:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-11 19:31 - 2019-05-17 08:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-11 19:31 - 2019-05-17 08:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-11 19:31 - 2019-05-17 08:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-11 19:31 - 2019-05-17 08:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-11 19:31 - 2019-05-17 08:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-11 19:31 - 2019-05-17 06:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-11 19:31 - 2019-05-17 05:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-11 19:31 - 2019-05-17 04:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-11 19:31 - 2019-05-17 03:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-11 19:31 - 2019-05-17 03:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-11 19:31 - 2019-05-17 03:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-11 19:31 - 2019-05-17 03:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-11 19:31 - 2019-05-17 03:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-11 19:31 - 2019-05-17 03:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-11 19:31 - 2019-05-17 03:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-11 19:31 - 2019-05-17 03:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-11 19:31 - 2019-05-17 03:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-11 19:31 - 2019-05-17 03:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-11 19:31 - 2019-05-17 03:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-11 19:31 - 2019-05-17 03:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-11 19:31 - 2019-05-17 03:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-11 19:31 - 2019-05-17 03:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-11 19:31 - 2019-05-17 03:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-11 19:31 - 2019-05-17 03:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-11 19:31 - 2019-05-17 03:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-11 19:31 - 2019-05-17 02:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-11 19:31 - 2019-05-17 02:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-11 19:31 - 2019-05-17 02:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-11 19:31 - 2019-05-17 02:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-11 19:31 - 2019-05-17 02:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-11 19:31 - 2019-05-17 02:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-11 19:31 - 2019-05-17 02:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-11 19:31 - 2019-05-17 02:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-11 19:31 - 2019-05-17 02:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-11 19:31 - 2019-05-17 02:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-11 19:31 - 2019-05-17 02:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-11 19:31 - 2019-05-17 02:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-11 19:31 - 2019-05-17 02:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-11 19:31 - 2019-05-17 02:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-11 19:31 - 2019-05-17 02:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-11 19:31 - 2019-05-17 02:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-11 19:31 - 2019-05-17 02:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-11 19:30 - 2019-06-07 08:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-11 19:30 - 2019-06-07 07:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-11 19:30 - 2019-06-07 07:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-11 19:30 - 2019-06-07 07:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-11 19:30 - 2019-06-07 07:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-11 19:30 - 2019-06-07 07:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-11 19:30 - 2019-06-07 07:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-11 19:30 - 2019-06-07 07:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-11 19:30 - 2019-06-07 03:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-11 19:30 - 2019-06-07 02:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-11 19:30 - 2019-06-07 02:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-11 19:30 - 2019-06-07 02:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-11 19:30 - 2019-06-07 02:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:30 - 2019-06-07 02:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-11 19:30 - 2019-06-07 02:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-11 19:30 - 2019-06-07 02:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-11 19:30 - 2019-06-07 02:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-11 19:30 - 2019-06-07 02:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-11 19:30 - 2019-06-07 02:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-11 19:30 - 2019-06-07 02:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:30 - 2019-06-07 02:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-11 19:30 - 2019-06-07 02:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-11 19:30 - 2019-06-07 02:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-11 19:30 - 2019-06-07 02:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-11 19:30 - 2019-06-07 02:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-11 19:30 - 2019-06-07 02:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-11 19:30 - 2019-06-07 02:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-11 19:30 - 2019-06-07 02:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-11 19:30 - 2019-06-07 02:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-11 19:30 - 2019-06-07 02:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-11 19:30 - 2019-06-07 02:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-11 19:30 - 2019-06-07 02:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-11 19:30 - 2019-06-07 02:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-11 19:30 - 2019-06-07 02:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-11 19:30 - 2019-06-07 02:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-11 19:30 - 2019-06-07 02:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-11 19:30 - 2019-06-07 01:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-11 19:30 - 2019-05-18 19:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-11 19:30 - 2019-05-18 19:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-11 19:30 - 2019-05-18 19:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-11 19:30 - 2019-05-18 19:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-11 19:30 - 2019-05-17 09:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-11 19:30 - 2019-05-17 09:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-11 19:30 - 2019-05-17 09:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-11 19:30 - 2019-05-17 09:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-11 19:30 - 2019-05-17 09:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-11 19:30 - 2019-05-17 09:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-11 19:30 - 2019-05-17 09:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-11 19:30 - 2019-05-17 09:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-11 19:30 - 2019-05-17 09:23 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-06-11 19:30 - 2019-05-17 09:23 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-06-11 19:30 - 2019-05-17 09:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-11 19:30 - 2019-05-17 09:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-11 19:30 - 2019-05-17 09:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-11 19:30 - 2019-05-17 09:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-11 19:30 - 2019-05-17 09:20 - 001970688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-06-11 19:30 - 2019-05-17 09:20 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-06-11 19:30 - 2019-05-17 09:20 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-06-11 19:30 - 2019-05-17 09:20 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-06-11 19:30 - 2019-05-17 09:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-11 19:30 - 2019-05-17 08:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-11 19:30 - 2019-05-17 08:58 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-06-11 19:30 - 2019-05-17 08:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-11 19:30 - 2019-05-17 08:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-11 19:30 - 2019-05-17 08:55 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-06-11 19:30 - 2019-05-17 03:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-11 19:30 - 2019-05-17 03:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-11 19:30 - 2019-05-17 03:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-11 19:30 - 2019-05-17 03:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-11 19:30 - 2019-05-17 03:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-11 19:30 - 2019-05-17 03:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-11 19:30 - 2019-05-17 03:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-11 19:30 - 2019-05-17 03:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-11 19:30 - 2019-05-17 03:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-11 19:30 - 2019-05-17 03:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-11 19:30 - 2019-05-17 03:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-11 19:30 - 2019-05-17 03:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-11 19:30 - 2019-05-17 03:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-11 19:30 - 2019-05-17 03:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-11 19:30 - 2019-05-17 03:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-11 19:30 - 2019-05-17 03:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-11 19:30 - 2019-05-17 03:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-11 19:30 - 2019-05-17 03:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-11 19:30 - 2019-05-17 03:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-11 19:30 - 2019-05-17 03:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-11 19:30 - 2019-05-17 03:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-11 19:30 - 2019-05-17 03:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-11 19:30 - 2019-05-17 03:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-11 19:30 - 2019-05-17 03:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-11 19:30 - 2019-05-17 03:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-11 19:30 - 2019-05-17 03:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-11 19:30 - 2019-05-17 03:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-11 19:30 - 2019-05-17 03:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-11 19:30 - 2019-05-17 03:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-11 19:30 - 2019-05-17 03:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-11 19:30 - 2019-05-17 03:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-11 19:30 - 2019-05-17 03:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-11 19:30 - 2019-05-17 03:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-11 19:30 - 2019-05-17 03:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-11 19:30 - 2019-05-17 03:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-11 19:30 - 2019-05-17 02:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-11 19:30 - 2019-05-17 02:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-11 19:30 - 2019-05-17 02:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-11 19:30 - 2019-05-17 02:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-11 19:30 - 2019-05-17 02:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-11 19:30 - 2019-05-17 02:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-11 19:30 - 2019-05-17 02:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-11 19:30 - 2019-05-17 02:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-11 19:30 - 2019-05-17 02:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-11 19:30 - 2019-05-17 02:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-11 19:30 - 2019-05-17 02:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-11 19:30 - 2019-05-17 02:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-11 19:30 - 2019-05-17 02:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-11 19:30 - 2019-05-17 02:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-11 19:30 - 2019-05-17 02:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-11 19:30 - 2019-05-17 02:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-11 19:30 - 2019-05-17 02:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-11 19:30 - 2019-05-17 02:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-11 19:30 - 2019-05-17 02:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-11 19:30 - 2019-05-17 02:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-11 19:30 - 2019-05-17 02:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-11 19:30 - 2019-05-17 02:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-11 19:30 - 2019-05-17 02:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-04 18:40 - 2019-06-04 18:40 - 000000000 ____D C:\Users\Jose\AppData\LocalLow\Smartly Dressed Games
2019-06-04 18:40 - 2019-06-04 18:40 - 000000000 ____D C:\Users\Jose\AppData\Local\BattlEye
2019-06-03 20:41 - 2019-06-03 20:41 - 000000000 ____D C:\Users\Jose\AppData\Local\AdvinstAnalytics
2019-05-30 22:27 - 2019-06-13 13:08 - 000000000 ____D C:\Users\Jose\AppData\Roaming\FACEIT
2019-05-30 22:27 - 2019-06-11 18:27 - 000000000 ____D C:\Users\Jose\AppData\Local\FACEITApp
2019-05-30 22:27 - 2019-05-30 22:28 - 016111992 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2019-05-30 22:27 - 2019-05-30 22:27 - 000000899 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2019-05-30 22:27 - 2019-05-30 22:27 - 000000000 ____D C:\Users\Jose\AppData\Local\FACEIT
2019-05-30 22:27 - 2019-05-30 22:27 - 000000000 ____D C:\Program Files\FACEIT AC
2019-05-28 12:52 - 2019-05-28 12:52 - 000001140 _____ C:\Users\Public\Desktop\MyEpson Portal.lnk
2019-05-28 12:52 - 2019-05-28 12:52 - 000000000 ____D C:\Program Files (x86)\EPSON
2019-05-22 20:57 - 2019-02-13 02:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-05-17 22:21 - 2019-05-17 22:21 - 000000982 _____ C:\Users\Public\Desktop\League of Legends.lnk
2019-05-17 22:20 - 2019-05-17 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-05-16 19:23 - 2019-05-16 19:23 - 000000000 ____D C:\Users\Jose\datamc

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-15 16:05 - 2018-06-29 21:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-15 15:30 - 2019-02-24 22:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-15 14:31 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-15 14:28 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-15 14:15 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-15 14:06 - 2018-06-28 23:43 - 000000000 __SHD C:\Users\Jose\IntelGraphicsProfiles
2019-06-15 14:06 - 2018-06-28 21:39 - 000000000 ____D C:\Program Files\KMSpico
2019-06-15 14:04 - 2018-06-29 21:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-15 14:04 - 2018-04-11 18:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-15 13:51 - 2018-06-28 22:48 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-06-15 12:21 - 2018-10-13 20:56 - 000000000 ____D C:\WINDOWS\Minidump
2019-06-15 12:21 - 2018-07-28 22:38 - 000000000 ____D C:\Users\Jose\AppData\Local\CrashDumps
2019-06-14 12:50 - 2018-06-28 21:46 - 000000000 ____D C:\WINDOWS\pss
2019-06-14 12:12 - 2019-02-14 22:09 - 000184960 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2019-06-14 12:12 - 2019-02-14 22:09 - 000125568 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupflt.sys
2019-06-14 12:12 - 2019-02-14 22:09 - 000091472 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
2019-06-14 12:12 - 2018-02-24 05:17 - 000218240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2019-06-14 12:12 - 2018-02-17 02:50 - 000104576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2019-06-14 12:12 - 2018-01-15 05:13 - 000060536 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klkbdflt.sys
2019-06-14 12:12 - 2017-05-30 18:51 - 000050304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2019-06-14 12:11 - 2019-02-14 22:09 - 000046416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2019-06-14 12:11 - 2018-02-12 04:17 - 000058704 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2019-06-14 12:11 - 2017-12-11 11:49 - 000060784 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klmouflt.sys
2019-06-14 12:08 - 2019-02-14 22:09 - 000075600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klbackupdisk.sys
2019-06-14 11:52 - 2018-06-29 02:38 - 000000000 ____D C:\Program Files\Common Files\AV
2019-06-14 11:51 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-14 11:51 - 2018-04-11 18:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-06-14 11:08 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-14 09:58 - 2018-06-29 21:23 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-14 09:58 - 2018-06-28 21:23 - 000000000 ____D C:\Program Files\CCleaner
2019-06-13 20:35 - 2018-07-25 15:33 - 000000000 ____D C:\ProgramData\ProductData
2019-06-13 19:21 - 2019-03-29 19:46 - 000000000 ____D C:\Program Files (x86)\Notepad++
2019-06-13 18:58 - 2019-01-27 20:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-13 18:04 - 2018-06-29 09:01 - 000000000 ____D C:\Program Files\MSBuild
2019-06-13 18:01 - 2018-06-28 21:23 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-13 18:01 - 2018-06-28 21:23 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-13 17:33 - 2017-09-29 10:46 - 000000167 _____ C:\WINDOWS\win.ini
2019-06-13 17:25 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-12 21:53 - 2018-10-19 18:13 - 000000000 ____D C:\Users\Jose\AppData\Roaming\discord
2019-06-12 20:11 - 2018-06-29 21:55 - 000000000 ____D C:\Users\Jose\AppData\Local\D3DSCache
2019-06-12 07:50 - 2018-06-29 21:18 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-12 07:50 - 2018-04-12 13:19 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-06-12 07:50 - 2018-04-12 13:19 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-06-12 07:45 - 2018-06-28 23:43 - 000000000 ___RD C:\Users\Jose\3D Objects
2019-06-12 07:45 - 2018-06-28 02:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-12 07:44 - 2018-06-29 21:03 - 000402880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-11 22:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-11 22:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-11 22:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-11 22:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-11 22:36 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-11 19:28 - 2018-06-28 23:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-11 19:10 - 2018-06-28 23:25 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-06 20:01 - 2018-10-26 21:16 - 000000000 ____D C:\Users\Jose\AppData\Roaming\obs-studio
2019-06-06 10:53 - 2018-07-17 21:12 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-324268131-322235690-2907400536-1002
2019-06-06 10:53 - 2018-06-29 21:08 - 000002401 _____ C:\Users\Jose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-06 10:53 - 2018-06-28 23:46 - 000000000 ___RD C:\Users\Jose\OneDrive
2019-06-05 15:50 - 2018-10-11 19:27 - 000000000 ____D C:\Users\Jose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-04 18:22 - 2018-12-26 21:35 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-06-04 08:54 - 2018-12-18 18:38 - 000000000 ____D C:\Users\Jose\AppData\Roaming\TS3Client
2019-06-03 20:30 - 2019-04-06 19:13 - 000000000 ____D C:\ProgramData\MTA San Andreas All
2019-05-30 22:57 - 2018-04-11 20:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-30 22:57 - 2018-04-11 20:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-30 22:28 - 2019-04-16 10:34 - 000000000 ____D C:\Users\Jose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2019-05-30 22:28 - 2018-10-19 18:13 - 000000000 ____D C:\Users\Jose\AppData\Local\SquirrelTemp
2019-05-30 22:02 - 2018-07-17 15:12 - 000000000 ____D C:\Users\Jose\AppData\Roaming\vlc
2019-05-28 12:52 - 2018-10-10 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2019-05-28 12:52 - 2018-10-10 12:47 - 000000000 ____D C:\ProgramData\EPSON
2019-05-24 08:58 - 2018-06-28 23:43 - 000000000 ____D C:\Users\Jose\AppData\Local\Packages
2019-05-18 18:15 - 2018-07-08 20:22 - 000000000 ____D C:\Users\Jose\AppData\Local\ElevatedDiagnostics
2019-05-18 17:36 - 2019-04-06 19:14 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2019-05-18 17:36 - 2019-04-06 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-05-18 17:22 - 2018-07-15 19:57 - 000000000 ____D C:\Users\Jose\AppData\Roaming\.minecraft
2019-05-17 22:35 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-17 22:19 - 2018-12-03 16:58 - 000000000 ____D C:\Riot Games
2019-05-16 19:23 - 2018-06-29 21:08 - 000000000 ___HD C:\Users\Jose
2019-05-16 19:18 - 2018-11-16 13:14 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories ================

2018-11-29 11:53 - 2019-01-17 13:57 - 000000037 _____ () C:\Users\Jose\AppData\Roaming\WB.CFG
2018-12-06 13:07 - 2018-12-06 13:40 - 000001536 _____ () C:\Users\Jose\AppData\Local\GfxMetrics.cfg
2018-12-06 13:40 - 2018-12-06 13:40 - 000206336 _____ () C:\Users\Jose\AppData\Local\GfxMetrics.dat
2019-06-12 19:16 - 2019-06-12 19:16 - 000140800 _____ () C:\Users\Jose\AppData\Local\installer.dat
2019-06-12 19:16 - 2019-06-12 19:16 - 000466944 _____ (PetGame) C:\Users\Jose\AppData\Local\PetGame.exe
2018-07-03 13:17 - 2018-07-03 13:17 - 000007605 _____ () C:\Users\Jose\AppData\Local\Resmon.ResmonCfg
2019-06-12 19:16 - 2019-06-12 19:18 - 000722944 _____ () C:\Users\Jose\AppData\Local\sha.db
2018-12-31 15:16 - 2018-12-31 15:16 - 000000153 _____ () C:\Users\Jose\AppData\Local\{C65691F2-3567-459D-9732-7AA69009EA33}
2018-12-16 15:36 - 2018-12-16 15:36 - 000000153 _____ () C:\Users\Jose\AppData\Local\{DD16A05E-2D0E-47B8-BF6B-92CDBB86E35A}
2019-01-26 15:16 - 2019-01-26 15:16 - 000000153 _____ () C:\Users\Jose\AppData\Local\{E812A4F4-0BFA-48B8-9CDD-56F2B2B90093}

==================== FLock ================

2018-06-28 02:38 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Ahora envío reporte de Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by Jose (15-06-2019 17:12:30)
Running from d:\Users\Jose\Downloads
Windows 10 Pro Version 1803 17134.829 (X64) (2018-06-30 00:24:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-324268131-322235690-2907400536-500 - Administrator - Enabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-324268131-322235690-2907400536-503 - Limited - Disabled)
Invitado (S-1-5-21-324268131-322235690-2907400536-501 - Limited - Disabled)
Jose (S-1-5-21-324268131-322235690-2907400536-1002 - Administrator - Enabled) => C:\Users\Jose
WDAGUtilityAccount (S-1-5-21-324268131-322235690-2907400536-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\{2755BEE9-F03B-4FB8-BB71-0BA3F2629F18}) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Discord (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
doPDF (HKLM\...\{E243DDD2-16CE-4CBD-B8C8-A81841E76FF2}) (Version: 9.2.235 - Softland) Hidden
doPDF 9 (HKLM-x32\...\{c4379b90-c49e-472c-8090-73510c32bf9d}) (Version: 9.2.235 - Softland)
doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{7AA379DA-0469-4DB7-8D7E-E799133B2C2B}) (Version: 9.2.235 - Softland)
doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{CBDB5090-CD27-4F9B-974F-554B2625B22A}) (Version: 9.2.235 - Softland)
doPDF 9 Printer Driver (HKLM\...\{70688587-752D-4099-A904-23B3EFAD436E}) (Version: 9.2.235 - Softland)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
EPSON T24 Series Printer Uninstall (HKLM\...\EPSON T24 Series) (Version:  - SEIKO EPSON Corporation)
FACEIT (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\FACEITApp) (Version: 1.22.5 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1102 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.5.0.7 - IObit)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
K-Lite Mega Codec Pack 14.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.0.0.12 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Opera Stable 56.0.3051.66 (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Opera 56.0.3051.66) (Version: 56.0.3051.66 - Opera Software)
PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PerfectDisk Professional Business (HKLM\...\{682B22AB-EAAA-4B1C-83AF-B26E7D4ED01E}) (Version: 13.0.783 - Raxco Software Inc.)
PetGame (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\PetGame) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
TP-Link TL-WN881ND Driver (HKLM-x32\...\{5656127B-0110-4450-9CBD-643E760F152D}) (Version: 1.0.0 - TP-Link)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinSCP 5.13.1 (HKLM-x32\...\winscp3_is1) (Version: 5.13.1 - Martin Prikryl)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-13] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0 [2019-06-06] (Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Jose\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\facebook.lnk -> C:\Users\Jose\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> www.facebook.com
ShortcutWithArgument: C:\Users\Jose\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2018-10-05 23:52 - 2014-05-19 17:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-10-05 23:52 - 2014-09-11 18:09 - 001498112 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2013-12-12 15:49 - 2013-12-12 15:49 - 000037512 _____ (Raxco Software, Inc. -> Raxco Software, Inc.) [File not signed] C:\Program Files\Common Files\Raxco\Shared\PDEnginePS.dll
2018-04-17 19:08 - 2018-04-17 19:08 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn9.dll
2018-10-05 23:52 - 2014-09-11 18:10 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [632]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [632]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [632]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [632]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT2 [632]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT2 [632]
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 10:46 - 2019-06-12 19:16 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

Sigo con el reporte de Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by Jose (15-06-2019 17:12:30)
Running from d:\Users\Jose\Downloads
Windows 10 Pro Version 1803 17134.829 (X64) (2018-06-30 00:24:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-324268131-322235690-2907400536-500 - Administrator - Enabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-324268131-322235690-2907400536-503 - Limited - Disabled)
Invitado (S-1-5-21-324268131-322235690-2907400536-501 - Limited - Disabled)
Jose (S-1-5-21-324268131-322235690-2907400536-1002 - Administrator - Enabled) => C:\Users\Jose
WDAGUtilityAccount (S-1-5-21-324268131-322235690-2907400536-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\{2755BEE9-F03B-4FB8-BB71-0BA3F2629F18}) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Discord (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Discord) (Version: 0.0.305 - Discord Inc.)
doPDF (HKLM\...\{E243DDD2-16CE-4CBD-B8C8-A81841E76FF2}) (Version: 9.2.235 - Softland) Hidden
doPDF 9 (HKLM-x32\...\{c4379b90-c49e-472c-8090-73510c32bf9d}) (Version: 9.2.235 - Softland)
doPDF 9 add-in for Microsoft Office (x64) (HKLM\...\{7AA379DA-0469-4DB7-8D7E-E799133B2C2B}) (Version: 9.2.235 - Softland)
doPDF 9 add-in for Microsoft Office (x86) (HKLM-x32\...\{CBDB5090-CD27-4F9B-974F-554B2625B22A}) (Version: 9.2.235 - Softland)
doPDF 9 Printer Driver (HKLM\...\{70688587-752D-4099-A904-23B3EFAD436E}) (Version: 9.2.235 - Softland)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
EPSON T24 Series Printer Uninstall (HKLM\...\EPSON T24 Series) (Version:  - SEIKO EPSON Corporation)
FACEIT (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\FACEITApp) (Version: 1.22.5 - FACEIT Ltd.)
FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1102 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.5.0.7 - IObit)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
K-Lite Mega Codec Pack 14.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.0.0.12 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Opera Stable 56.0.3051.66 (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Opera 56.0.3051.66) (Version: 56.0.3051.66 - Opera Software)
PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PerfectDisk Professional Business (HKLM\...\{682B22AB-EAAA-4B1C-83AF-B26E7D4ED01E}) (Version: 13.0.783 - Raxco Software Inc.)
PetGame (HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\PetGame) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH)
TP-Link TL-WN881ND Driver (HKLM-x32\...\{5656127B-0110-4450-9CBD-643E760F152D}) (Version: 1.0.0 - TP-Link)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-012B-0C0A-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinSCP 5.13.1 (HKLM-x32\...\winscp3_is1) (Version: 5.13.1 - Martin Prikryl)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-13] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0 [2019-06-06] (Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-324268131-322235690-2907400536-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-06-14] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Jose\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\facebook.lnk -> C:\Users\Jose\AppData\Local\Programs\Opera\launcher.exe (Opera Software) -> www.facebook.com
ShortcutWithArgument: C:\Users\Jose\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2018-10-05 23:52 - 2014-05-19 17:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-10-05 23:52 - 2014-09-11 18:09 - 001498112 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2013-12-12 15:49 - 2013-12-12 15:49 - 000037512 _____ (Raxco Software, Inc. -> Raxco Software, Inc.) [File not signed] C:\Program Files\Common Files\Raxco\Shared\PDEnginePS.dll
2018-04-17 19:08 - 2018-04-17 19:08 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn9.dll
2018-10-05 23:52 - 2014-09-11 18:10 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [632]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [632]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [632]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [632]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT2 [632]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT2 [632]
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 10:46 - 2019-06-12 19:16 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

Nuevamente agradezco tu atención Saludos.

Hola

Falta la última parte del reporte Addition, has puesto la primera parte dos veces

Un saludo

Hola te pido disculpas. Me costó mucho que entren las respuestas, nunca me había pasado. Te lo envío cuando vuelva la luz. Este día fuimos un país completo sin luz aunque parezca mentira. Hasta afectamos a países limítrofes por lo visto. Muchas gracias por tus respuestas. La luz se cortó a las 7 hs y parece que nos vuelve en algún momento de la madrugada. Saludos

Hola

No hay nada que disculpar, no te preocupes, cuando puedas ya pondrás lo que falta, estate tranquila

Un saludo

Muchísimas gracias por tu amabilidad. Saludos

Hola Daniela, por suerte ya se solucionó lo de la luz, así que acá subo la 2da parte del informe de Addition, muchas gracias por tu paciencia!.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-324268131-322235690-2907400536-1002\Control Panel\Desktop\\Wallpaper -> d:\users\jose\desktop\■■■■ el qeu lo lee\image008.jpg
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{21DF6DF3-2AFC-4FCF-8B64-0F5F5C42A167}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF5A4D0E-89C4-43A3-BAF8-E61D08E5CA3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3092C90C-14D6-4C10-9DB5-316AEDA7EB76}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2274D1C6-3C34-4004-9C70-79AFF7B73357}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7275D57C-C028-4D60-8AC5-C24ABF9E810C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{A90A98D2-DE89-49AD-BB36-977DF45CB546}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{B0B9A217-9087-4A99-8B34-252A06595CB9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{9A2C23E9-55E2-4C48-918B-C583AC19D22F}] => (Allow) LPort=8501
FirewallRules: [{3C5FFF5B-FA3D-4A65-BB11-552DE5A741A1}] => (Allow) LPort=8501
FirewallRules: [{93DF4E1D-9D08-4A58-A877-A5CEFA6A55D1}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0CF6BF98-D83B-4A09-A6BC-212332BFFCBC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0EF6E9EC-6DE8-4A38-A50D-270B05D2C556}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5738917B-F44D-41B5-82A0-6BFBC2BF71CC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A11F3F59-090B-46CD-8EA7-B8DD0034D3EF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7759A0D0-28A5-4EAC-AF3A-C22784C6D86F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{14C870BB-C06D-40BD-BCB3-896BC7292D28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4D5F746F-E249-4D00-8863-EC833667A7EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0F504853-0E35-4259-AB6A-C5611DA1F66B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C70BE8CF-C2C7-4328-859D-025E5FF501F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{B0A4B1CC-2208-495E-A036-91132AC0F163}] => (Allow) C:\Users\Jose\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B6735686-C076-44B5-A1EC-719F42CA456E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E4D5B516-3886-407A-807C-DD4E42D5700C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41E99D57-679A-4DC0-AD6C-2323CA244536}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F99B78A-5CAE-4DAB-B9A0-5FD5BE07DFA0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4786A0CF-A346-49FD-9EFC-054EDFBBD113}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [UDP Query User{60EAA2E5-BBDF-4618-A515-E9A8E6CBBF7D}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [TCP Query User{73BE82C0-9944-45E2-9325-8CCAFC13A1CA}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{22F0D823-154D-42BA-BAC3-73529EF52149}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [{81B4A88C-C46E-4383-A454-C8B14CF0FBDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{0CA3D9F9-4759-41C5-B4C0-6517B3241E17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{439F9077-168E-43E9-B57D-6EE09FE55368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{1D56057C-B120-4190-ABD3-B15772C61CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C901F378-9018-4B5B-875E-30DD88AD9717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{66D4C206-9439-4991-A756-5777BF8A1631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{002E1177-3AC9-431A-B0D8-EBA5E9E37BBD}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{93F7F0D0-B320-4944-95EC-0B9220B98D67}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [{AF9F8C37-8F19-4EF7-BF92-3FFFBC0A3196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{B5DB825E-5310-451F-8C88-661F02A8AD80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{30B05A4F-8B12-48F8-90FC-B1696F67DDDE}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{1143C648-A5DD-4CEC-8160-35DA3539BAE1}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [TCP Query User{8BEDDB03-5DD8-4B7C-B4BC-738D57E54525}C:\program files (x86)\common files\oracle\java\javapath_target_501475968\java.exe] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_501475968\java.exe
FirewallRules: [UDP Query User{4028EC8E-C1D5-47D3-AEB9-78380897D9A7}C:\program files (x86)\common files\oracle\java\javapath_target_501475968\java.exe] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_501475968\java.exe
FirewallRules: [{764C23E8-6E64-45C8-8479-6D1F864D9755}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{E33DABE5-BC83-4C1A-8F0E-DA3991E869A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{76E7B22C-39F9-49BB-B601-ADB314187B77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9136DC0A-282D-48CC-A42B-4F3FF55741A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DFF9A5C-0985-41F3-B0C0-AFC3BD34AD6B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{208A4761-7EA8-4698-8DD2-99AA19704C10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9938244-FF26-48C0-91F3-4471D2C9B93C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EE0048A-6278-4284-AA4E-A53CA85B7A8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{27106AEA-28DB-4624-9880-75C836CC692F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EC9C2E4-FDBF-4BF4-B7E9-6ECF5C113286}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C57479DB-9B93-42B5-9AFB-F8E7EB3962F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{07BC2B69-014D-4586-B75F-D5CCFDFE898E}] => (Allow) LPort=1688
FirewallRules: [{E12D59EB-1093-468E-98A2-27EAEF8146DB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{37FF4321-E8B7-4929-A1F7-30B578AD9A4B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{512C478A-827A-4A3C-8FCC-124EE9A4CB47}] => (Allow) LPort=1688
FirewallRules: [{074CF29B-D017-4ECE-95B5-2AE845323DF2}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{E11E412B-A6B4-4761-A11B-A0691D27C706}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2019 02:15:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Service_KMS.exe, versión: 17.1.0.0, marca de tiempo: 0x56942c76
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.799, marca de tiempo: 0x08a3d2a4
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x000000000003a388
Identificador del proceso con errores: 0xda0
Hora de inicio de la aplicación con errores: 0x01d5239c7787a885
Ruta de acceso de la aplicación con errores: C:\Program Files\KMSpico\Service_KMS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 889c0e44-bea5-4b5c-a5f1-421f682ed201
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/15/2019 02:15:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Service_KMS.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.UnauthorizedAccessException
   en System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32, IntPtr)
   en System.Management.ManagementObject.InvokeMethod(System.String, System.Management.ManagementBaseObject, System.Management.InvokeMethodOptions)
   en Service_KMS.Activador.WMI.SoftwareLicensingProduct.Activate()
   en ᝑ.ᜀ(Service_KMS.Activador.Variables ByRef, System.Collections.Generic.List`1<Service_KMS.Activador.WMI.SoftwareLicensingProduct> ByRef)
   en Service_KMS.Activador.Activador.ᜂ(Service_KMS.Activador.Variables ByRef)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 65536 (0x0000000000010000) 65536 (0x00010000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 0 (0x0000000000000000) 65536 (0x00010000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 32768 (0x0000000000008000) 32768 (0x00008000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 0 (0x0000000000000000) 32768 (0x00008000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 16384 (0x0000000000004000) 16384 (0x00004000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.

Error: (06/15/2019 02:06:16 PM) (Source: ESENT) (EventID: 481) (User: )
Description: taskhostw (5800,G,0) Al intentar leer en el archivo "C:\Users\Jose\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat", en la posición 0 (0x0000000000000000) 16384 (0x00004000) bytes se produjo el error de sistema 5 (0x00000005) después de 0.000 segundos: "Acceso denegado. ". La operación de lectura se cerrará con el error -1032 (0xfffffbf8). Si el error persiste, es posible que el archivo esté dañado y sea necesario restaurarlo desde una copia de seguridad anterior.


System errors:
=============
Error: (06/15/2019 03:05:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP\Jose con SID (S-1-5-21-324268131-322235690-2907400536-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/15/2019 02:22:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP\Jose con SID (S-1-5-21-324268131-322235690-2907400536-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/15/2019 02:15:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/15/2019 02:15:15 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error 
"5"
al iniciar este comando:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (06/15/2019 02:15:13 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error 
"5"
al iniciar este comando:
C:\WINDOWS\system32\SppExtComObj.exe -Embedding

Error: (06/15/2019 02:09:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Administrador de mapas descargados no respondió después de iniciar.

Error: (06/15/2019 02:09:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP\Jose con SID (S-1-5-21-324268131-322235690-2907400536-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0 (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/15/2019 02:08:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP\Jose con SID (S-1-5-21-324268131-322235690-2907400536-1002) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


CodeIntegrity:
===================================

Date: 2019-06-15 17:12:07.871
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:12:07.870
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:12:07.021
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:12:07.019
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:08:17.786
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:08:17.785
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:08:17.783
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-15 17:08:17.782
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F23 12/14/2017
Motherboard: Gigabyte Technology Co., Ltd. H110M-H-CF
Processor: Intel(R) Core(TM) i3-7100 CPU @ 3.90GHz
Percentage of memory in use: 54%
Total physical RAM: 8110.7 MB
Available physical RAM: 3716.18 MB
Total Virtual: 9390.7 MB
Available Virtual: 4576.61 MB

==================== Drives ================================

Drive c: (Sistema) (Fixed) (Total:133.22 GB) (Free:2.83 GB) NTFS
Drive d: (User Data) (Fixed) (Total:100 GB) (Free:66.97 GB) NTFS

\\?\Volume{5f0d5f0d-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 233.8 GB) (Disk ID: 5F0D5F0D)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=133.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Hola

Descarga, instala y ejecuta Revo Uninstaller

• Desinstala todo lo que tengas de IOBIT. Elige el modo avanzado de desinstalación.

No descargasta y ejecutaste FRST desde el escritorio, muévelo allí para realizar el paso siguiente si no fallará.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [FACEIT] => C:\Users\Jose\AppData\Local\FACEITApp\update.exe [2204616 2019-06-11] (FACE IT LIMITED -> )
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\WINDOWS\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-09] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
Task: {58E062A4-9C8E-4463-B8E4-A4732356B7B6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {8EB2BABB-93A9-41C3-B491-B3C162C6DF5A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit Information Technology -> IObit)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
CHR Extension: (Social Blade) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2019-04-23] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-06-15 14:05 - 2019-06-15 14:05 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-06-12 19:17 - 2019-06-12 19:17 - 000030912 _____ (FsFilter Network) C:\WINDOWS\system32\Drivers\71d1998346e5cea1.sys
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [632]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [632]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [632]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [632]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT2 [632]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT2 [632]
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
FirewallRules: [TCP Query User{4786A0CF-A346-49FD-9EFC-054EDFBBD113}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [UDP Query User{60EAA2E5-BBDF-4618-A515-E9A8E6CBBF7D}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [{81B4A88C-C46E-4383-A454-C8B14CF0FBDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{0CA3D9F9-4759-41C5-B4C0-6517B3241E17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{439F9077-168E-43E9-B57D-6EE09FE55368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{1D56057C-B120-4190-ABD3-B15772C61CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C901F378-9018-4B5B-875E-30DD88AD9717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{66D4C206-9439-4991-A756-5777BF8A1631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{AF9F8C37-8F19-4EF7-BF92-3FFFBC0A3196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{B5DB825E-5310-451F-8C88-661F02A8AD80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{4EC9C2E4-FDBF-4BF4-B7E9-6ECF5C113286}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C57479DB-9B93-42B5-9AFB-F8E7EB3962F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{E12D59EB-1093-468E-98A2-27EAEF8146DB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{37FF4321-E8B7-4929-A1F7-30B578AD9A4B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{074CF29B-D017-4ECE-95B5-2AE845323DF2}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{E11E412B-A6B4-4761-A11B-A0691D27C706}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola Daniela, mil disculpas por la tardanza, tuve un problema con la internet.

Aca te paso el informe FIXLOG.TXT

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by Jose (20-06-2019 16:42:54) Run:1
Running from d:\Users\Jose\Desktop
Loaded Profiles: Jose (Available Profiles: Jose & Administrador)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-324268131-322235690-2907400536-1002\...\Run: [FACEIT] => C:\Users\Jose\AppData\Local\FACEITApp\update.exe [2204616 2019-06-11] (FACE IT LIMITED -> )
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\WINDOWS\system32\ficvdec_x64.dll [652288 2013-05-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-09] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\SysWOW64\ficvdec_x86.dll [641024 2013-05-28] () [File not signed]
IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe
Task: {58E062A4-9C8E-4463-B8E4-A4732356B7B6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {8EB2BABB-93A9-41C3-B491-B3C162C6DF5A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit Information Technology -> IObit)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
CHR Extension: (Social Blade) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2019-04-23] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-06-15 14:05 - 2019-06-15 14:05 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2019-06-12 19:17 - 2019-06-12 19:17 - 000030912 _____ (FsFilter Network) C:\WINDOWS\system32\Drivers\71d1998346e5cea1.sys
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [632]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [632]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [632]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [632]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jose\Datos de programa:NT2 [632]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jose\AppData\Roaming:NT2 [632]
AlternateDataStreams: C:\Users\Public\AppData:CSM [462]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
FirewallRules: [TCP Query User{4786A0CF-A346-49FD-9EFC-054EDFBBD113}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [UDP Query User{60EAA2E5-BBDF-4618-A515-E9A8E6CBBF7D}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Block) C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH -> LabyMedia GmbH) [File not signed]
FirewallRules: [{81B4A88C-C46E-4383-A454-C8B14CF0FBDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{0CA3D9F9-4759-41C5-B4C0-6517B3241E17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{439F9077-168E-43E9-B57D-6EE09FE55368}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{1D56057C-B120-4190-ABD3-B15772C61CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C901F378-9018-4B5B-875E-30DD88AD9717}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{66D4C206-9439-4991-A756-5777BF8A1631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{AF9F8C37-8F19-4EF7-BF92-3FFFBC0A3196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{B5DB825E-5310-451F-8C88-661F02A8AD80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mean Greens - Plastic Warfare\TheMeanGreens\Binaries\Win64\TheMeanGreens-Win64-Shipping.exe (Virtual Basement / Code Headquarters) [File not signed]
FirewallRules: [{4EC9C2E4-FDBF-4BF4-B7E9-6ECF5C113286}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{C57479DB-9B93-42B5-9AFB-F8E7EB3962F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed]
FirewallRules: [{E12D59EB-1093-468E-98A2-27EAEF8146DB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{37FF4321-E8B7-4929-A1F7-30B578AD9A4B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{074CF29B-D017-4ECE-95B5-2AE845323DF2}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{E11E412B-A6B4-4761-A11B-A0691D27C706}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI -> @ByELDI) [File not signed]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe => No running process found
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe => No running process found
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe => No running process found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-324268131-322235690-2907400536-1002\Software\Microsoft\Windows\CurrentVersion\Run\\FACEIT" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.X264" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.LAGS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.XVID" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.ac3acm" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FICV" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.X264" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.LAGS" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.XVID" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FFDS" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.ac3acm" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FICV" => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58E062A4-9C8E-4463-B8E4-A4732356B7B6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58E062A4-9C8E-4463-B8E4-A4732356B7B6}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8EB2BABB-93A9-41C3-B491-B3C162C6DF5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EB2BABB-93A9-41C3-B491-B3C162C6DF5A}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\[email protected]" => removed successfully
CHR Extension: (Social Blade) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2019-04-23] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05] => Error: No automatic fix found for this entry.
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-29] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23] => Error: No automatic fix found for this entry.
CHR Extension: (Avast Online Security) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-22] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Jose\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-13] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\WINDOWS\SECOH-QAD.exe => moved successfully
C:\WINDOWS\system32\Drivers\71d1998346e5cea1.sys => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\ProgramData => ":NT" ADS removed successfully
C:\ProgramData => ":NT2" ADS removed successfully
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Datos de programa" => ":NT" ADS not found.
"C:\ProgramData\Datos de programa" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully
C:\Users\Jose\Datos de programa => ":NT" ADS removed successfully
C:\Users\Jose\Datos de programa => ":NT2" ADS removed successfully
"C:\Users\Jose\AppData\Roaming" => ":NT" ADS not found.
"C:\Users\Jose\AppData\Roaming" => ":NT2" ADS not found.
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4786A0CF-A346-49FD-9EFC-054EDFBBD113}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{60EAA2E5-BBDF-4618-A515-E9A8E6CBBF7D}C:\users\jose\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81B4A88C-C46E-4383-A454-C8B14CF0FBDD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CA3D9F9-4759-41C5-B4C0-6517B3241E17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{439F9077-168E-43E9-B57D-6EE09FE55368}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D56057C-B120-4190-ABD3-B15772C61CA9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C901F378-9018-4B5B-875E-30DD88AD9717}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66D4C206-9439-4991-A756-5777BF8A1631}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AF9F8C37-8F19-4EF7-BF92-3FFFBC0A3196}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5DB825E-5310-451F-8C88-661F02A8AD80}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EC9C2E4-FDBF-4BF4-B7E9-6ECF5C113286}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C57479DB-9B93-42B5-9AFB-F8E7EB3962F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E12D59EB-1093-468E-98A2-27EAEF8146DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37FF4321-E8B7-4929-A1F7-30B578AD9A4B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{074CF29B-D017-4ECE-95B5-2AE845323DF2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E11E412B-A6B4-4761-A11B-A0691D27C706}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-324268131-322235690-2907400536-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-324268131-322235690-2907400536-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 87938220 B
Java, Flash, Steam htmlcache => 208416577 B
Windows/system/drivers => 681882 B
Edge => 3383801 B
Chrome => 141117680 B
Firefox => 0 B
Opera => 143044 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7282 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Jose => 35147300 B
Administrador => 19906 B

RecycleBin => 0 B
EmptyTemp: => 463.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:43:51 ====

Por otra parte te comento que note una mejoría en el tiempo de arranque de la maquina, y asimismo, ya no aparece el error que te mencione en el 3er comentario.

Desde ya muchas gracias por la paciencia. Saludos.

Hola

Como sigue el problema de las ventanas, se solucionó?

Se resolvieron todos los problemas?

Un saludo

Hola Daniela: después del super apagón que afectó todo el país y algunos limítrofes estamos teniendo problemas de cortes de luz y el servicio de Internet viene y va, es un desastre que esperemos se solucione pronto. Hasta hay lugares donde suspendieron las clases. Ayer apareció una respuesta de otra persona que ahora no está, supongo que sería de alguien que se equivocó de post. Te paso captura de la pantalla:

image.png1360×768 191 KB

La compu anda muchísimo mejor, no tiene ventanas emergentes de ningún tipo, lo único que tiene es que se mantiene muy lenta en el inicio. No se si se podrá hacer algo más al respecto y quisiera saber si el antivirus Kaspersky Free que tenemos instalado te parece que es el más conveniente. Y no se si tomar en cuenta algo de lo recomendado por Richard Rodríguez en su comentario. Lo demás estaría solucionado. Muchísimas gracias por la paciencia con estas demoras involuntarias. Saludos.

Hola

Eliminé yo la respuesta porque hay cosas que no debes hacer y las indicaciones para desinfección por lo general solo las damos el que empieza a ayudar, para no enredar y hacer un caos en el equipo y más cuando estamos utilizando programas que sólo los podemos indicar los miembros del Staff.

El antivirus Kaspersky Free puedes seguir utilizando,.

Vamos a ver si queda alguna infección.

Realiza un análisis con EsetOnline siguiendo el manual

Trae el reporte y comenta como sigue el problema.

Un saludo

Hola Daniela: Te paso el reporte de EsetOnline:

22/6/2019 16:03:10
Archivos explorados: 589289
Archivos infectados: 16
Amenazas eliminadas: 16
Tiempo total de exploración 02:43:12
Estado de la exploración: Finalizado


C:\FRST\Quarantine\C\WINDOWS\SECOH-QAD.exe.xBAD	Win64/HackKMS.C aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files\KMSpico\scripts\AddExceptionsWD.reg	Win32/HackKMS.AZ aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files\KMSpico\scripts\Install_Service.cmd	Win32/HackKMS.AZ aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files\KMSpico\scripts\Install_Task.cmd	Win32/HackKMS.AZ aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files\KMSpico\scripts\Silent.cmd	Win32/HackKMS.AZ aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files\KMSpico\Service_KMS.exe	una variante de MSIL/HackTool.IdleKMS.E aplicación potencialmente no segura	desinfectado por eliminación
C:\Windows\SECOH-QAD.dll	Win64/HackKMS.D aplicación potencialmente no segura	desinfectado por eliminación
C:\Windows\SECOH-QAD.exe	Win64/HackKMS.C aplicación potencialmente no segura	desinfectado por eliminación
D:\Users\Jose\Downloads\4ctl0n NARCROP.rar	BAT/HostsChanger.A aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\CSGO MultiHack (Sile (1).rar	una variante de Win32/GameHack.CDT aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\CSGO MultiHack (Sile.rar	una variante de Win32/GameHack.CDT aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\iobituninstaller.exe	una variante de Win32/IObit.E aplicación potencialmente no deseada,una variante de Win32/IObit.P aplicación potencialmente no deseada,una variante de Win32/IObit.J aplicación potencialmente no deseada,una variante de Win32/IObit.L aplicación potencialmente no deseada	desinfectado por eliminación
D:\Users\Jose\Downloads\NoNameCSGO TrollWare.zip	una variante de Win32/GameHack.CBY aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\PPHUD Actualizado bros (1).zip	una variante de Win32/GameHack.CTO aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\PPHUD Actualizado bros (2).zip	una variante de Win32/GameHack.CTO aplicación potencialmente no segura	eliminado
D:\Users\Jose\Downloads\PPHUD Actualizado bros.zip	una variante de Win32/GameHack.CTO aplicación potencialmente no segura	eliminado

El inicio sigue lento y le pasé el Kaspersky de nuevo para ver si había quedado alguna infección. Te paso el reporte:

22.06.2019 17.45.55	Análisis completo	Tarea completada	Hora de finalización: Hoy, 22/06/2019 05:45 p. m.
22.06.2019 17.45.55	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Permitido por el usuario
22.06.2019 17.45.54	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen	Motivo: Permitido por el usuario
22.06.2019 17.38.40	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen	Motivo: Pospuesto
22.06.2019 17.38.40	Objeto (archivo) detectado	D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Archivo: D:\Users\Jose\Downloads\ProcessHacker YT NoNameCSGO.exe	Nombre del objeto: not-a-virus:HEUR:RiskTool.Win32.ProcHack.gen
22.06.2019 17.34.44	Objeto (archivo) no procesado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen	Motivo: Pospuesto
22.06.2019 17.34.44	Objeto (archivo) detectado	D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Archivo: D:\Users\Jose\Downloads\Fortnite Hacks.rar//Fortnite Hacks/12432_hjSMNAz4.exe	Nombre del objeto: HEUR:Backdoor.Win32.Androm.gen
22.06.2019 16.08.26	Análisis completo	Tarea iniciada	Hora: Hoy, 22/06/2019 04:08 p. m.

Agradezco muchísimo el tiempo que estás dedicando a este problema, sos muy amable. Saludos.

Hola

El Windows 10 es original? EsetOnline detecta KMSpico que es un activador para Windows u Oficce.

Descarga Malwarebytes Anti-Rootkit (Beta) y descomprimes el contenido en tu escritorio.

• Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe
• En la ventana que saldrá pulsas en "Next".
• Pulsar en "Update", y cuando termine en "Next"
• Ahora inicias el análisis pulsando en el botón "Scan"
• Al terminar, si existe infección pulsamos en "CleanUp" y si no hay infección pulsamos en ""Exit"

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

Un saludo :bye: