Pc infectado

Buenos días,

He pasado Malwarebytes porque me aparecia publicidad al navegar y este es el resultado:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 5/10/19
Hora del análisis: 11:33
Archivo de registro: 28f4909a-e753-11e9-ac00-74d435b1ed6c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.627
Versión del paquete de actualización: 1.0.12779
Licencia: Gratis

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: MIPC\Antonio

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 333780
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 7 min, 6 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
PUP.Optional.DriverUpdate, C:\$RECYCLE.BIN\S-1-5-21-1604764725-3681772004-1819303514-1001\$RNROBV4.EXE, En cuarentena, [2962], [533640],1.0.12779
CrackTool.Agent.Keygen, C:\USERS\ANTONIO\DESKTOP\INPIX.PHO.8.ARTISTAPIRATA.COM\GENERADOR_DE_CLAVES.RAR, En cuarentena, [7677], [560514],1.0.12779

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Podéis ayudarme?

Muchas gracias.

Hola @caballoblanco1963

Vas a volvera analizar con Malwarebytes realizando un análisis personalizado, sigue las indicaciones siguientes.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
• Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo

Hola @caballoblanco1963

Solo un comentario, como ya te habia dicho anteriormente NO es necesario que uses “progamitas” para actualizar tus driver, pero… NO solamente NO es necesario, sino que además el instalarlos provocan infecciones.

Veo que nuestros consejos de poco sirven.

Saludos.

Hola JavierHf,

Ese programa lo instalé antes de mi post para actualizar los drivers.Como que me aparecian publicidad hoy he decidido pasar Malwarebytes.

Ese programa lo desinstalé nada más instalarlo y como te comento,antes de que me revisarás el tema de actualizar los drivers.

Olvidé comentarte que habia instalado este programa en el tema anterior.

Seguí tus consejos.

Muchas gracias.

Hola @caballoblanco1963

Realiza los pasos que te indiqué y nos pones los reportes.

Un saludo

Hola Daniela,

Pego los reportes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 12/10/19
Hora del análisis: 10:28
Archivo de registro: 50c3970c-ecca-11e9-b2e0-74d435b1ed6c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.627
Versión del paquete de actualización: 1.0.12871
Licencia: Gratis

-Información del sistema-
SO: Windows 8.1
CPU: x64
Sistema de archivos: NTFS
Usuario: MIPC\Antonio

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 605549
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 hr, 32 min, 30 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build:    09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-12-2019
# Duration: 00:00:18
# OS:       Windows 8.1 Enterprise
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted       C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverUpdate
Deleted       HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [15/06/2019 16:47:31]
AdwCleaner_Debug.log - [11073 octets] - [12/10/2019 17:39:01]
AdwCleaner[S01].txt - [2029 octets] - [12/10/2019 17:40:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Muchas gracias.

Hola

Como sigue el problema.

Un saludo

Hola Daniela,

A veces se quedan colgadas las web.

Gracias.

Hola

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola Daniela,

Pego reportes:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Antonio (13-10-2019 20:41:00)
Running from C:\Users\Antonio\Downloads
Windows 8.1 Enterprise (Update) (X64) (2019-03-14 16:19:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1604764725-3681772004-1819303514-500 - Administrator - Disabled)
Antonio (S-1-5-21-1604764725-3681772004-1819303514-1001 - Administrator - Enabled) => C:\Users\Antonio
ARACELI (S-1-5-21-1604764725-3681772004-1819303514-1005 - Limited - Enabled) => C:\Users\ARACELI
CLAUDIA (S-1-5-21-1604764725-3681772004-1819303514-1003 - Limited - Enabled) => C:\Users\CLAUDIA
Invitado (S-1-5-21-1604764725-3681772004-1819303514-501 - Limited - Disabled)
SANDRA (S-1-5-21-1604764725-3681772004-1819303514-1004 - Limited - Enabled) => C:\Users\SANDRA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\uTorrent) (Version: 3.5.5.45341 - BitTorrent Inc.)
ACP Application (HKLM\...\{E41DBD59-18EC-BB7B-A605-0A4CC449A599}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Alien Skin Exposure X2 (HKLM\...\Alien Skin Exposure X2) (Version:  - Alien Skin)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Aplicación Marino10 (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\2377842254.cloud.nubhora.com) (Version:  - cloud.nubhora.com)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.438 - AVAST Software)
AVerMedia A835 USB DVB-T 8.2.64.64 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 8.2.64.64 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.62.326 - Electronic Arts)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version:  - Boris FX, Inc.)
Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - )
Canon MP Navigator EX 1.2 (HKLM-x32\...\MP Navigator EX 1.2) (Version:  - )
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - )
Catalyst Control Center Next Localization BR (HKLM\...\{DF13D5F3-B763-EA16-CEC2-BB7C2CFE0855}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{3A3C25FB-AC63-9E0A-23D4-52A53DDDA807}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{42858DC5-DE1D-91ED-2788-ECF02B179F10}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{037AB466-8629-B2C7-C357-21816C161F91}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{ABC1588A-96EC-94D8-6DBF-2B82969B05A7}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0341D135-C6D2-9793-2581-57C899A4865A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{8DD2FAA5-8EAE-93A6-402E-AB754E6F5B23}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{B924C2E4-91BA-B52E-EE94-376F26D43A4A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B3A1627D-BF33-8532-BC93-1828CBDC72D6}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{86E1F508-88D1-A0D2-629B-49055DF8EE24}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{CF60ECA0-BF51-E8E7-09EA-3FF2BDBE4B84}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{DAB6C144-ECED-FA3A-0845-9D12D2926C89}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{F2BEBD65-897A-F8AA-D678-E06A6168D4DB}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{23060CA1-30E9-E4CC-2980-7DAD34665A37}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{BFEA14DC-2C71-7301-3FFD-3B4A3D7AC927}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B16E7001-FC5E-D123-CB47-8385ABF32327}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{84711F7D-B9C2-6412-FA6F-78D83B8A888A}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1C9A2A2-6E01-F31E-4CDD-4B94E2AA1864}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{CE66D705-0C16-EAFC-BD9E-55EF8115A3DB}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{70E3573A-6245-D27D-6226-058F961A98D0}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B3326959-589E-0979-8074-2449D0D5F4F4}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
CyberLink PowerDirector 17 (HKLM-x32\...\{FEAC3AD0-1026-4F63-AAAF-E5CFF422BCCD}) (Version: 17.0.2514.2 - CyberLink Corp.)
CyberLink Screen Recorder 2 (HKLM-x32\...\{FC986EFE-0ACC-44CD-B34F-42C5DCFA7800}) (Version: 2.1.0.4444 - CyberLink Corp.)
Deezer 4.11.2 (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 4.11.2 - Deezer)
DxO FilmPack 5 (HKLM\...\{30F13C0B-3D7A-503C-B95E-FA9FFBC0A5BF}) (Version: 5.5.542.0 - DxO Labs)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Drive (HKLM-x32\...\{7A21C722-F259-4976-B7AA-6658E5FDEDAF}) (Version: 1.7.4018.3496 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
Imagenomic Portraiture 3 Plug-in (build 3027) (HKLM\...\Portraiture 3_is1) (Version: 3027 - Team V.R)
inPixio Photo Clip 8 (HKLM-x32\...\{65634D2B-B6D1-4B35-B4C9-F3999B8D008B}) (Version: 8.2.0 - InPixio)
IPM_Common_x64 (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.11.552 - Your Company Name) Hidden
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
K-Lite Codec Pack 14.8.8 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.8.8 - KLCP)
Kodi (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Kodi) (Version:  - XBMC Foundation)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Movie Studio 16.0 Platinum (HKLM\...\{CE89B1A1-2900-11E9-8CF5-E570ED733677}) (Version: 16.0.109 - VEGAS)
Mozilla Firefox 69.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 69.0.2 (x64 es-ES)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MP3jam 1.1.5.2 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.5.2 - MP3jam)
Nero 2018 (HKLM-x32\...\{DB8EF13D-AD5C-4893-BB41-BD010964E730}) (Version: 19.0.10200 - Nero AG)
Nero 2018 Content Pack 1 (HKLM-x32\...\{ED2B4941-349B-4E16-B339-0D1FF2B7A788}) (Version: 19.0.01300 - Nero AG)
Nero 2018 Content Pack 2 (HKLM-x32\...\{4E3C72F5-9FEF-4380-ABA3-BA670F995538}) (Version: 19.0.01400 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro (HKLM\...\{DED283CF-9FC6-4AC2-9D25-86A5E7740E16}) (Version: 11.0.3.173 - Nitro)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON1 Photo RAW 2018 (HKLM\...\ON1 Photo RAW 2018 PE) (Version: 12.0.0 - ON1)
Origin (HKLM-x32\...\Origin) (Version: 10.5.48.31055 - Electronic Arts, Inc.)
ParticleShop - Core (HKLM\...\{08E7567C-74B3-4956-B575-F55BFCC77C31}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.3 - Corel Corporation) Hidden
Perfectly Clear V3 (x64) (HKLM\...\{9851DFD9-53C7-4D04-AB9D-641293902873}) (Version: 3.5.4.1118 - Athentech Imaging)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
Pinnacle Studio 22 (HKLM\...\{74D19994-F843-4BFE-9850-18DFFC8A1056}) (Version: 22.1.0.246 - Corel Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.3 - Power Software Ltd)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Registro de usuario de Canon MP190 series (HKLM-x32\...\Registro de usuario de Canon MP190 series) (Version:  - )
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Songr (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Songr) (Version: 2.1 - Xamasoft)
Spotify (HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Uninstall Megadede (HKLM\...\428792f5-75f6-56a9-bc54-ed4a7f639ad5) (Version: 1.0.7 - FjRamírez)
VEGAS Pro 16.0 (HKLM\...\{D19FC640-615E-11E9-BD59-00155D6302F2}) (Version: 16.0.424 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.0.8) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Free Video Converter(Build 10.1.0.9) (HKLM-x32\...\Free Video Converter_is1) (Version: 10.1.0.9 - Wondershare Software)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 8.7.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.7.0.5 - Wondershare Software)

Packages:
=========
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2019-05-15] (Extensiones de plataforma de Microsoft)
Biblioteca de Microsoft Windows para JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions)
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2019-05-15] (Microsoft Platform Extensions)
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2019-09-08] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2019-05-15] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2019-05-15] (Skype) [MS Ad]
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2019-05-15] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2019-05-15] (M1DF_Mmengesha)
Test_FrameworkProd_062215_01 -> C:\Program Files\WindowsApps\50856m1dfLL.TestFrameworkProd06221501_1.0.0.10_neutral__nwcxtg9ehxpvt [2019-05-15] (m1df_lucyll)
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2019-05-15] (vasetest101)
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1604764725-3681772004-1819303514-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1604764725-3681772004-1819303514-1001_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2012-12-17] (Google Inc -> Google)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2018-08-30] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\GuíaFitness _ Consejos de deporte, motivación y nutrición deportiva.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jcndnnnenmclibfmefiifhnchokgchgj
ShortcutWithArgument: C:\Users\Antonio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GuíaFitness _ Consejos de deporte, motivación y nutrición deportiva.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jcndnnnenmclibfmefiifhnchokgchgj

==================== Loaded Modules (Whitelisted) ==============

2017-09-06 19:11 - 2017-09-06 19:11 - 000125952 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000086528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000214528 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2019-04-01 19:49 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-03-14 19:11 - 2012-06-09 12:33 - 000053248 ____R () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2019-04-14 23:28 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-04-14 23:28 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 000814592 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2019-04-15 22:45 - 2015-02-27 14:38 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\WSCM64.dll
2019-03-14 19:10 - 2012-11-02 12:28 - 000114688 ____R (AVerMedia TECHNOLOGIES, Inc) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\A825.dll
2019-03-14 19:10 - 2010-08-09 15:59 - 000118784 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\AVERAPI.dll
2019-03-14 19:10 - 2012-08-31 09:07 - 000110592 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-03-14 19:10 - 2011-07-21 04:40 - 000368640 ____R (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2019-03-14 19:18 - 2007-09-13 18:50 - 000084480 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\BJMyRes.dll
2019-03-14 19:18 - 2007-09-13 18:50 - 000104448 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\cnmpu.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-04-01 19:49 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-04-06 19:18 - 2019-09-19 19:36 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-05-25 18:04 - 2017-05-25 18:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-05-25 18:03 - 2017-05-25 18:03 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-04-14 23:28 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-15 23:24 - 2019-05-19 19:24 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Antonio\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\copiaaaa.jpgsssssssssssssssssss.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A791A53A-03CB-43EF-BA12-3F21B0ED7D78}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2A25BE14-13C2-4CBD-A810-6119716B3532}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8CB66461-2EBD-49A0-9708-27329E12961F}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\antonio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{7811A9D1-1C1D-433E-84C2-97EDC636ECB1}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\antonio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{896063DD-FB71-4E56-B28C-5431A5EEAC61}C:\users\antonio\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antonio\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{BB2822C2-2930-4D59-B1F7-2C0AE27BF19D}C:\users\antonio\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antonio\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2377204A-6DF9-4E3A-B674-6296FDDBDA91}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{24FDE9F0-BCEA-4B94-90F0-65AECD2EA180}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{F12D8CC9-84BC-4BAA-BCB1-AE7A969FF838}C:\program files\kodi\kodi.exe] => (Block) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{D164F562-FDC0-4998-87C0-1D4451235FD0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{E2DEC5EA-BDE0-4E5E-93DD-521420955FAC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{FB86A1DF-C21E-41E9-A372-A3960D1438B0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{47093B61-31E8-4260-8729-A52C0E7914D4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2019 05:28:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.17416, marca de tiempo: 0x5452eed9
Nombre del módulo con errores: MSHTML.dll, versión: 11.0.9600.17416, marca de tiempo: 0x545304c5
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x001728fe
Identificador del proceso con errores: 0x8e0
Hora de inicio de la aplicación con errores: 0x01d581daa09671ea
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\MSHTML.dll
Identificador del informe: 19ed6a1c-edce-11e9-8298-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/13/2019 04:32:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.17416, marca de tiempo: 0x5452eed9
Nombre del módulo con errores: MSHTML.dll, versión: 11.0.9600.17416, marca de tiempo: 0x545304c5
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x001728fe
Identificador del proceso con errores: 0x1324
Hora de inicio de la aplicación con errores: 0x01d581ced2663ade
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\MSHTML.dll
Identificador del informe: 387606c8-edc6-11e9-8298-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/12/2019 05:49:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: CALMAIN.exe, versión: 8.1.0.14, marca de tiempo: 0x433d11f9
Nombre del módulo con errores: MSVCRT.dll, versión: 7.0.9600.17415, marca de tiempo: 0x54504b2e
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000b3f2
Identificador del proceso con errores: 0xe70
Hora de inicio de la aplicación con errores: 0x01d581149b5e8004
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\MSVCRT.dll
Identificador del informe: e4275cb5-ed07-11e9-8298-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/12/2019 05:48:37 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/12/2019 10:14:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: chrome.exe, versión: 77.0.3865.90, marca de tiempo: 0x5d81314e
Nombre del módulo con errores: ntdll.dll, versión: 6.3.9600.17415, marca de tiempo: 0x5450559e
Código de excepción: 0xc0000374
Desplazamiento de errores: 0x00000000000f1340
Identificador del proceso con errores: 0x1cb4
Hora de inicio de la aplicación con errores: 0x01d580d4d91368ac
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Identificador del informe: 5dc37de9-ecc8-11e9-8297-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/11/2019 09:53:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: NeroInfo.exe, versión: 19.0.1.3, marca de tiempo: 0x598c050e
Nombre del módulo con errores: NeroInfo.exe, versión: 19.0.1.3, marca de tiempo: 0x598c050e
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0001304c
Identificador del proceso con errores: 0x1888
Hora de inicio de la aplicación con errores: 0x01d5806d4d8875d4
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
Identificador del informe: c1646c85-ec60-11e9-8297-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/11/2019 05:40:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: NeroInfo.exe, versión: 19.0.1.3, marca de tiempo: 0x598c050e
Nombre del módulo con errores: NeroInfo.exe, versión: 19.0.1.3, marca de tiempo: 0x598c050e
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0001304c
Identificador del proceso con errores: 0x29e8
Hora de inicio de la aplicación con errores: 0x01d58049e0615385
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe
Identificador del informe: 72c928d6-ec3d-11e9-8297-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (10/10/2019 11:06:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IEXPLORE.EXE, versión: 11.0.9600.17416, marca de tiempo: 0x5452eed9
Nombre del módulo con errores: MSHTML.dll, versión: 11.0.9600.17416, marca de tiempo: 0x545304c5
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0038780b
Identificador del proceso con errores: 0x213c
Hora de inicio de la aplicación con errores: 0x01d57fae92c7ad99
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\MSHTML.dll
Identificador del informe: d14cf80c-eba1-11e9-8297-74d435b1ed6c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (10/13/2019 04:46:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 20.

Error: (10/13/2019 04:44:13 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 20.

Error: (10/12/2019 10:45:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 20.

Error: (10/12/2019 10:43:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Se recibió una alerta irrecuperable desde el extremo remoto. El código de alerta irrecuperable definido del protocolo TLS es: 20.

Error: (10/12/2019 06:21:15 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (10/12/2019 05:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Client Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/12/2019 05:49:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Canon Camera Access Library 8 se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (10/12/2019 05:47:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.


Windows Defender:
===================================
Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Sistema de inspección de la red
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Supervisión de comportamiento
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:33:33.549
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: En acceso
Código del error: 0x8007045b
Descripción del error: Se está cerrando el sistema. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:28:52.599
Description: 
La característica Protección en tiempo real de Windows Defender ha encontrado un error y se ha interrumpido.
Característica: Sistema de inspección de la red
Código del error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Razón: La protección de antimalware ha dejado de funcionar por una razón desconocida. En algunos casos, puede que el problema se solucione reiniciando el servicio.

Date: 2019-03-31 22:23:33.925
Description: 
Windows Defender ha encontrado un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.155.266.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: Antivirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.9700.0
Código de error: 0x80070643
Descripción del error: Error irrecuperable durante la instalación. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F7 11/25/2014
Motherboard: Gigabyte Technology Co., Ltd. F2A88XM-D3H
Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 59%
Total physical RAM: 7111.27 MB
Available physical RAM: 2903.63 MB
Total Virtual: 11111.27 MB
Available Virtual: 5235.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:637.4 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:934.07 GB) (Free:297.75 GB) NTFS
Drive f: (Nuevo vol) (Fixed) (Total:928.85 GB) (Free:150.36 GB) NTFS
Drive g: (Inglés_def_Prin) (CDROM) (Total:0.54 GB) (Free:0 GB) UDF

\\?\Volume{e3493422-4672-11e9-824e-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 534337B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=934.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=928.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9954B94F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by Antonio (administrator) on MIPC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (13-10-2019 20:39:38)
Running from C:\Users\Antonio\Downloads
Loaded Profiles: Antonio (Available Profiles: Antonio & CLAUDIA & SANDRA & ARACELI)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Español (España, internacional)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
() [File not signed] C:\Windows\SysWOW64\ASGT.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Advanced Micro Devices) [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Photodex Corporation -> ) C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-25] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-13] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-11-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2018-11-22] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1162104 2017-12-15] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-06-12] (Wondershare software CO., LIMITED -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24916512 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-04-01]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-05-23]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2019-03-14]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2019-03-14]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0360D1E6-040F-4E10-B872-A6730280F65B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {0B2CEC56-615E-4110-AFFF-C778B6FA98D1} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {10414231-1EB6-4716-8463-ECA206E20F4A} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640 2013-08-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {1343E9D6-95AF-4329-9578-A5A0564B54A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {312BA37B-A621-4E64-A58E-C18B1756C294} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-14] (Google Inc -> Google Inc.)
Task: {344198BD-A8A5-4BB7-83D3-EA574AFA829A} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6885240 2017-08-10] (Nero AG -> Nero AG)
Task: {6E522A61-304D-4D51-954D-F53C4D0EDB72} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A1EF29-B1CB-4C2F-95DE-E228859E1743} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {75350FE6-E8F4-472D-BA3A-4A3AC6C6CB52} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {86C46EAC-7F17-4D8E-B820-C1CCAE8CE12C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {9664FEFC-4FD3-4FB8-BB33-E14020AA5349} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-09] (Adobe Inc. -> Adobe)
Task: {9AA20150-3ACA-49AE-8F41-6B22232C3DB1} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {B1197BE6-8758-4105-B3CA-AEC93C47D999} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {BE875EB4-932D-4F76-A7C9-154F597F8E52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-14] (Google Inc -> Google Inc.)
Task: {C35320FB-5BFB-4DDC-986B-BE0BB01F1143} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {C6DC7A84-5B57-48D9-B95D-75EF56B2D76A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0B98801-6485-4332-9F68-0EE462363489} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9689862-A0DA-4AF0-B079-94E653460692} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E1319E49-D80E-4118-81C9-96D9D80EE832} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2019-03-12] () [File not signed]
Task: {E3D2FFDD-0C01-4264-9E18-343462D201C9} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1380232 2019-08-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {E46C97A6-F31B-4C00-8EA8-D13C3BE46E55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0F14130E-93B6-4A86-89E0-05486040DB39}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{10868FF7-190E-4D54-B652-2BCAC718F495}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-03-14] (Google Inc -> Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-03-14] (Google Inc -> Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-03-14] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-03-14] (Google Inc -> Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: as0l3of6.default
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default [2019-10-13]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
FF Extension: (bet365fullScreen) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\{053805b7-2184-40fe-aef3-578d02739b05}.xpi [2019-04-27]
FF Extension: (FC Barcelona v2) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\{39df96ce-acbd-420f-bc71-14807e5f4774}.xpi [2019-05-18]
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2019-03-15] ( ) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.302\npGoogleUpdate3.dll [2019-10-08] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://guiafitness.com/favicon.ico
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default [2019-10-13]
CHR Extension: (Presentaciones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-14]
CHR Extension: (Documentos) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-14]
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-14]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-14]
CHR Extension: (Dolphins) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\comjiiebdbhpfpdiehcaielmdjlmhplp [2019-03-19]
CHR Extension: (Hojas de cálculo) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-14]
CHR Extension: (GuíaFitness | Consejos de deporte, motivación y nutrición deportiva) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcndnnnenmclibfmefiifhnchokgchgj [2019-10-05]
CHR Extension: (PlayTo para Chromecast™) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2019-03-31]
CHR Extension: (Player para ver Movistar+) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [543112 2017-07-05] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-04] (Advanced Micro Devices) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG -> Nero AG)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2348336 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3228464 2019-09-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2019-03-15] (Photodex Corporation -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7449992 2019-08-13] (AVAST Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Free\Transfer\DriverInstall.exe [107624 2018-12-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [36562312 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [520584 2017-07-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [80640 2013-07-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [25344 2013-07-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552848 2019-10-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2019-05-11] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2019-05-11] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2019-05-11] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-10-12] (Malwarebytes Corporation -> Malwarebytes)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2019-10-13] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 AtiDCM; \??\C:\AMD\Radeon-Software-Crimson-ReLive-17.7.1-Win8.1-64Bit-July17\Bin64\atdcm64a.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 20:39 - 2019-10-13 20:40 - 000035626 _____ C:\Users\Antonio\Downloads\FRST.txt
2019-10-13 20:39 - 2019-10-13 20:40 - 000000000 ____D C:\FRST
2019-10-13 20:37 - 2019-10-13 20:38 - 001616384 _____ (Farbar) C:\Users\Antonio\Downloads\FRST64.exe
2019-10-12 22:49 - 2019-10-12 22:49 - 000001533 _____ C:\Users\Antonio\Desktop\INFORME MALWAREBYTES.txt
2019-10-12 22:24 - 2019-10-12 22:24 - 000038118 _____ C:\Users\Antonio\Documents\cc_20191012_222430.reg
2019-10-12 22:20 - 2019-10-12 22:20 - 025441808 _____ (Piriform Software Ltd) C:\Users\Antonio\Downloads\ccsetup562.exe
2019-10-12 22:20 - 2019-10-12 22:20 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-12 22:20 - 2019-10-12 22:20 - 000000834 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-10-12 20:16 - 2019-10-12 20:16 - 000001831 _____ C:\Users\Antonio\Desktop\AdwCleaner[C01].txt
2019-10-12 17:49 - 2019-10-12 17:49 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-10-12 17:38 - 2019-10-12 17:38 - 007636680 _____ (Malwarebytes) C:\Users\Antonio\Downloads\adwcleaner_7.4.1.exe
2019-10-11 17:42 - 2019-10-11 17:42 - 000203688 _____ C:\Users\SANDRA\Desktop\Activitats pronom.pdf
2019-10-11 17:41 - 2019-10-11 17:41 - 000216400 _____ C:\Users\SANDRA\Downloads\Activitats determinant.pdf
2019-10-07 22:53 - 2019-10-07 22:53 - 000000000 ____D C:\Users\Antonio\Downloads\licencias avast
2019-10-06 20:37 - 2019-10-03 21:16 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-10-06 17:40 - 2019-10-06 17:40 - 000014279 _____ C:\Users\Antonio\Downloads\1544125156-La Espia que me Planto [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2019-10-06 17:37 - 2019-10-06 17:37 - 000014578 _____ C:\Users\Antonio\Downloads\1553497081-Superlopez [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2019-10-06 13:11 - 2019-10-06 13:11 - 000194060 _____ C:\Users\SANDRA\Desktop\escaner parmenides.jpeg
2019-10-05 23:52 - 2019-10-05 23:52 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-10-05 23:04 - 2019-10-05 23:04 - 000001199 _____ C:\Users\Antonio\Desktop\M4G1XMVSTU2020PRE.19.WIN.AP.ZENTINELS.rar - Acceso directo.lnk
2019-10-05 23:00 - 2019-10-05 23:01 - 991470168 _____ C:\Users\Antonio\Downloads\M4G1XMVSTU2020PRE.19.WIN.AP.ZENTINELS.rar
2019-10-05 20:31 - 2019-10-05 20:31 - 000552848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-10-05 20:27 - 2018-12-17 06:17 - 000000000 ____D C:\Users\Antonio\Downloads\Avast Premier Full 2019 Por R3TZHOTUTOS 95
2019-10-05 20:22 - 2019-10-05 20:22 - 000001189 _____ C:\Users\Antonio\Desktop\InPixio Photo Editor 9.1.7026.29921.rar - Acceso directo.lnk
2019-10-05 20:21 - 2019-10-05 20:21 - 226477520 _____ C:\Users\Antonio\Downloads\InPixio Photo Editor 9.1.7026.29921.rar
2019-10-03 23:14 - 2019-10-03 23:14 - 000002371 _____ C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicación Marino10.lnk
2019-10-03 21:41 - 2019-10-13 18:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-03 21:17 - 2019-10-03 21:16 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-10-03 21:17 - 2019-10-03 21:16 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-10-01 22:44 - 2019-10-01 22:44 - 000011007 _____ C:\Users\Antonio\Downloads\1569709055-Timadoras Compulsivas [1080p][Castellano][wWw.EliteTorrent.IO].torrent
2019-09-30 20:21 - 2019-09-30 20:21 - 000000061 _____ C:\Users\SANDRA\Desktop\el reloj de bagdad.txt
2019-09-28 10:19 - 2019-09-28 10:19 - 000040994 _____ C:\Users\Antonio\Downloads\ComprovantCursa de la Mercè-10K (1).pdf
2019-09-28 10:18 - 2019-09-28 10:18 - 000040954 _____ C:\Users\Antonio\Downloads\ComprovantCursa de la Mercè-10K.pdf
2019-09-25 21:45 - 2019-09-25 21:45 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Oracle
2019-09-24 23:02 - 2019-09-24 23:02 - 000212480 _____ C:\Users\Antonio\Downloads\Competicions.xls
2019-09-22 14:31 - 2019-09-22 14:31 - 000000000 ____D C:\Users\SANDRA\AppData\Roaming\Sun
2019-09-22 14:31 - 2019-09-22 14:31 - 000000000 ____D C:\Users\SANDRA\AppData\LocalLow\Sun
2019-09-21 16:57 - 2019-09-21 16:57 - 000291065 _____ C:\Users\Antonio\Downloads\Entradas_y_bar_Cinesa.pdf
2019-09-21 11:51 - 2019-09-21 11:51 - 000023207 _____ C:\Users\Antonio\Downloads\A_47_metros_MicroHD.torrent
2019-09-19 17:45 - 2019-09-19 17:45 - 000040994 _____ C:\Users\Antonio\Downloads\ComprovantCursa de la Mercè-10K (2).pdf
2019-09-19 17:45 - 2019-09-19 17:45 - 000040954 _____ C:\Users\Antonio\Downloads\ComprovantCursa de la Mercè-10K (1).pdf
2019-09-19 17:41 - 2019-09-19 17:41 - 000040954 _____ C:\Users\Antonio\Downloads\ComprovantCursa de la Mercè-10K.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-13 20:38 - 2019-03-14 20:51 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Mozilla
2019-10-13 20:33 - 2019-05-29 14:38 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{81C5EFB8-F2FE-45D3-A357-1EAF6A243704}
2019-10-13 20:33 - 2019-05-25 16:29 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1003
2019-10-13 20:33 - 2019-04-14 23:02 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2019-10-13 20:33 - 2019-04-07 17:56 - 000003966 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0E13BE95-8306-4E60-ABFB-E56CE4953DB4}
2019-10-13 20:33 - 2019-04-07 17:42 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1005
2019-10-13 20:33 - 2019-04-07 17:40 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{C7B2D966-2BC4-48CA-A8CC-1F6E4B82591C}
2019-10-13 20:33 - 2019-03-27 15:10 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1004
2019-10-13 20:33 - 2019-03-16 17:46 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-10-13 20:33 - 2019-03-14 23:43 - 000003312 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTaskCore
2019-10-13 20:33 - 2019-03-14 21:23 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-13 20:33 - 2019-03-14 21:23 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-10-13 20:33 - 2019-03-14 19:29 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-10-13 20:33 - 2019-03-14 19:29 - 000004332 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-13 20:33 - 2019-03-14 19:14 - 000003276 _____ C:\Windows\system32\Tasks\klcp_update
2019-10-13 20:33 - 2019-03-14 18:30 - 000003536 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-13 20:33 - 2019-03-14 18:30 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-13 20:33 - 2019-03-14 18:26 - 000003970 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{72FB9F73-6B55-4709-9C43-AD367EB53D48}
2019-10-13 20:13 - 2019-03-14 18:29 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-10-13 17:28 - 2019-03-14 19:59 - 000000000 ____D C:\Users\Antonio\AppData\Local\CrashDumps
2019-10-13 16:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2019-10-13 15:55 - 2014-11-21 01:03 - 001743360 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-13 15:55 - 2014-11-21 00:21 - 000774740 _____ C:\Windows\system32\perfh00A.dat
2019-10-13 15:55 - 2014-11-21 00:21 - 000159266 _____ C:\Windows\system32\perfc00A.dat
2019-10-13 15:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-10-13 15:33 - 2019-07-15 20:53 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-10-13 15:33 - 2019-07-15 20:53 - 000000496 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-10-13 15:33 - 2019-03-31 22:28 - 000000000 ____D C:\Users\Antonio\AppData\Local\AVAST Software
2019-10-13 15:33 - 2019-03-14 18:26 - 000000000 __RDO C:\Users\Antonio\OneDrive
2019-10-13 00:05 - 2019-03-14 18:25 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1604764725-3681772004-1819303514-1001
2019-10-12 22:48 - 2019-03-15 18:22 - 000000000 ___RD C:\Users\Antonio\Desktop\LIMPIEZA
2019-10-12 22:22 - 2019-03-14 19:20 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\uTorrent
2019-10-12 17:57 - 2019-04-06 19:18 - 000000000 ____D C:\Program Files (x86)\Origin
2019-10-12 17:48 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-12 17:47 - 2019-03-14 18:35 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-10-12 17:43 - 2019-06-15 16:46 - 000000000 ____D C:\AdwCleaner
2019-10-11 22:39 - 2019-03-14 23:22 - 000000000 ____D C:\Users\Antonio\AppData\Local\Spotify
2019-10-11 22:01 - 2019-03-14 23:22 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Spotify
2019-10-11 17:58 - 2019-03-27 15:02 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Packages
2019-10-09 21:36 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-09 21:36 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-08 17:19 - 2019-03-14 18:30 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-07 23:13 - 2019-03-14 18:19 - 000000000 ____D C:\Users\Antonio
2019-10-07 22:56 - 2019-03-15 18:23 - 000000000 ___RD C:\Users\Antonio\Desktop\ACCESOS
2019-10-07 21:55 - 2019-03-26 00:16 - 000000000 ____D C:\Users\Antonio\AppData\Local\BitTorrentHelper
2019-10-07 18:36 - 2019-03-31 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-10-07 18:35 - 2019-03-14 20:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-06 20:37 - 2019-03-31 22:27 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-06 17:40 - 2019-03-14 20:51 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-06 10:57 - 2019-03-27 15:08 - 000000000 ____D C:\Users\SANDRA\AppData\LocalLow\Temp
2019-10-05 23:27 - 2019-03-15 18:22 - 000000000 ___RD C:\Users\Antonio\Desktop\OFICINA
2019-10-05 23:22 - 2019-03-14 19:47 - 000001392 _____ C:\Users\Antonio\Desktop\Este equipo - Acceso directo.lnk
2019-10-05 21:51 - 2019-04-06 19:17 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Origin
2019-10-05 21:32 - 2019-05-22 20:42 - 000001190 _____ C:\Users\Public\Desktop\Battlefield™ V.lnk
2019-10-05 21:32 - 2019-05-22 20:42 - 000001190 _____ C:\ProgramData\Desktop\Battlefield™ V.lnk
2019-10-05 20:17 - 2019-03-15 18:25 - 000001816 _____ C:\Users\Antonio\Desktop\Descargas - Acceso directo.lnk
2019-10-05 20:03 - 2019-04-06 19:21 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-10-05 20:03 - 2019-04-06 19:17 - 000000000 ____D C:\ProgramData\Origin
2019-10-05 12:00 - 2019-05-25 16:23 - 000000000 ____D C:\Users\CLAUDIA
2019-10-05 12:00 - 2019-04-01 10:05 - 000000000 ____D C:\Users\ARACELI
2019-10-03 21:18 - 2019-03-31 22:26 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-10-03 21:18 - 2019-03-31 22:26 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-10-03 21:16 - 2019-03-31 22:26 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-09-29 21:42 - 2019-07-27 21:56 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-09-29 20:34 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-28 10:08 - 2019-03-17 21:12 - 000000000 ____D C:\Program Files (x86)\Corel
2019-09-25 21:50 - 2019-03-14 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-09-25 21:50 - 2019-03-14 19:22 - 000000000 ____D C:\Program Files\Java
2019-09-25 21:49 - 2019-03-14 19:22 - 000110064 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-09-22 22:54 - 2019-03-31 00:37 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Kodi
2019-09-21 17:31 - 2019-03-15 23:48 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Avanquest Software
2019-09-21 17:31 - 2019-03-15 23:48 - 000000000 ____D C:\Users\Antonio\AppData\Local\Avanquest
2019-09-21 17:30 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2019-09-18 22:09 - 2019-03-14 18:19 - 000000000 ____D C:\Users\Antonio\AppData\Local\Packages
2019-09-18 21:41 - 2019-03-14 18:31 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-13 22:53 - 2019-05-11 11:14 - 000000000 ____D C:\Windows\Minidump
2019-09-13 18:50 - 2019-03-27 15:02 - 000000000 ____D C:\Users\SANDRA

==================== Files in the root of some directories ================

2019-03-14 23:49 - 2019-03-16 17:09 - 000000779 _____ () C:\Users\Antonio\AppData\Roaming\MIPC.MTBF.txt

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-10-06 20:15
==================== End of FRST.txt ============================

Muchas gracias.

Hola

Tienes Avast craqueado/pirateado?

No descargaste y ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no el siguiente paso no funcionará.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
CHR Extension: (GuíaFitness | Consejos de deporte, motivación y nutrición deportiva) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcndnnnenmclibfmefiifhnchokgchgj [2019-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
S3 AtiDCM; \??\C:\AMD\Radeon-Software-Crimson-ReLive-17.7.1-Win8.1-64Bit-July17\Bin64\atdcm64a.sys [X]
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} =>  -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola Daniela,

El problema sigue igual y sigue apareciendo publicidad.

Pego el reporte:

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2019 02
Ran by Antonio (18-10-2019 19:33:28) Run:1
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio & CLAUDIA & SANDRA & ARACELI (Available Profiles: Antonio & CLAUDIA & SANDRA & ARACELI)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] [2019-10-10]
CHR Extension: (Gu�aFitness | Consejos de deporte, motivaci�n y nutrici�n deportiva) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcndnnnenmclibfmefiifhnchokgchgj [2019-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
S3 AtiDCM; \??\C:\AMD\Radeon-Software-Crimson-ReLive-17.7.1-Win8.1-64Bit-July17\Bin64\atdcm64a.sys [X]
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} =>  -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] => moved successfully
C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\as0l3of6.default\Extensions\[email protected] => moved successfully
CHR Extension: (Gu�aFitness | Consejos de deporte, motivaci�n y nutrici�n deportiva) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcndnnnenmclibfmefiifhnchokgchgj [2019-10-05] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\AtiDCM => removed successfully
AtiDCM => service removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Fast Explorer => removed successfully
HKLM\Software\Classes\CLSID\{693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1604764725-3681772004-1819303514-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : home

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2cfb:7c8d:7b00:52be%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.37
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.home:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : home

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {44891D49-8574-405F-AD6C-B2CFFFEFACB9}.
Unable to cancel {153E7C9F-F3B3-4C38-9A56-B746FD460F89}.
0 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23832542 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 267116716 B
Edge => 0 B
Chrome => 449979720 B
Firefox => 55413983 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 1718 B
NetworkService => 1718 B
Antonio => 691058079 B
CLAUDIA => 698467714 B
SANDRA => 729117272 B
ARACELI => 729117272 B

RecycleBin => 3649 B
EmptyTemp: => 3.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:37:01 ====

Muchas gracias

Hola

En que navegador te sale la publicidad?

Un saludo

Hola Daniela,

Chrome

Gracias

Hola Daniela,

Desde hace un par de dias,internet se corta,no puedo navegar,quito el cable ethernet no vuelvo a poner y ya puedo seguir navegando y,también,aparece en alguna ocasión una ventana advirtiendo que internet no funciona,la cierro y puedo seguir navegando.

No sé si tiene relación con el problema.

Muchas gracias.

Realizas lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

• Este no da reporte cuando te encuentres al finalizar, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Un saludo

Hola Daniela,

Pego reportes:

24/10/2019 21:27:17 ANTONIO Archivos explorados: 526368 Archivos infectados: 2 Amenazas eliminadas: 2 Tiempo total de exploración 04:09:43 Estado de la exploración: Finalizado

C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe una variante de Win32/UwS.SlimDrivers.A aplicación desinfectado por eliminación C:\Users\Antonio\AppData\Local\Songr\Songr.Core.dll una variante de MSIL/Xamasoft.A aplicación potencialmente no deseada desinfectado por eliminación

Muchas gracias

Hola

Como sigue el problema.

Un saludo

Hola Daniela,

Parece que el problema está solucionado,la navegación va rapida y no sale publicidad.Sólo sigue muy de tanto en tanto cortandose unos segundos internet,podria ser debidos a mi compañia de internet.

Muchas gracias.