Posible virus


#1

Buenas tardes,

Tengo 600 megas de descarga.Como notaba lento internet he pasado el test de velocidad y la descarga no pasa de 300 megas.Entré en Modo Seguro y al realizar el test el resultado si fueron los 600 megas. Creo que algún virus o programa me genera el problema.

Os agradecería vuestra ayuda.

Saludos.


#2

Hola @caballoblanco1963

Que tengas menos velocidad en modo normal de windows que en modo seguro se puede deber a múltiples cuestiones, entre otras a infecciones, pero también a los multiples programas que puedas tener arrancados/iniciados en tu equipo en el modo normal de windows.

Siempre podemos indicarte pasos de revisión y desinfección pero igual NO encontramos nada que sea el culpable de los problemas.

Nos comentas.

Saludos.


#4

Hola JavierHF,

Esto me ocurre desde hace un tiempo.antes si me llegaba esa velocidad.Te agradecería tu ayuda para detectar el virus o el programa que baja la velocidad.

Gracias.

Comentarte, que además noto internet lento y en alguna ocasión las páginas se cargan en blanco, no se si esto es una pista para saber el problema.

Saludos.


#5

Perfecto…entonces para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.


Comparto mis reportes. Alguien le puede dar un vistazo?
#6

Hola Javier,

Primero de todo,pedirte disculpas por el retraso.

A continuación pego los reportes:

> Malwarebytes
> 
> -Detalles del registro-
> Fecha del análisis: 24/11/18
> Hora del análisis: 10:52
> Archivo de registro: 9df28942-efce-11e8-9d20-74d435b1ed6c.json
> 
> -Información del software-
> Versión: 3.6.1.2711
> Versión de los componentes: 1.0.482
> Versión del paquete de actualización: 1.0.7915
> Licencia: Gratis
> 
> -Información del sistema-
> SO: Windows 8.1
> CPU: x64
> Sistema de archivos: NTFS
> Usuario: PCANTONIO\Antonio
> 
> -Resumen del análisis-
> Tipo de análisis: Análisis personalizado
> Análisis iniciado por:: Manual
> Resultado: Completado
> Objetos analizados: 665013
> Amenazas detectadas: 3
> Amenazas en cuarentena: 3
> Tiempo transcurrido: 2 hr, 33 min, 59 seg
> 
> -Opciones de análisis-
> Memoria: Activado
> Inicio: Activado
> Sistema de archivos: Activado
> Archivo: Activado
> Rootkits: Activado
> Heurística: Activado
> PUP: Detectar
> PUM: Detectar
> 
> -Detalles del análisis-
> Proceso: 0
> (No hay elementos maliciosos detectados)
> 
> Módulo: 0
> (No hay elementos maliciosos detectados)
> 
> Clave del registro: 0
> (No hay elementos maliciosos detectados)
> 
> Valor del registro: 0
> (No hay elementos maliciosos detectados)
> 
> Datos del registro: 0
> (No hay elementos maliciosos detectados)
> 
> Secuencia de datos: 0
> (No hay elementos maliciosos detectados)
> 
> Carpeta: 0
> (No hay elementos maliciosos detectados)
> 
> Archivo: 3
> PUP.Optional.FFInjectExt, C:\USERS\ANTONIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V0RIZOLE.DEFAULT\EXTENSIONS\{BEE8B1F2-823A-424C-959C-F8F76C8B2306}.XPI, Se eliminará al reiniciar, [4701], [546469],1.0.7915
> HackTool.FilePatch, C:\USERS\ANTONIO\DOWNLOADS\NPE11(X64)\NITRO PRO ENTERPRISE 11\PARCHE.RAR, Se eliminará al reiniciar, [7840], [281135],1.0.7915
> PUP.Optional.InstallCore.Generic, C:\USERS\ANTONIO\DOWNLOADS\FOTOPRIX-PROGRAMAS-GRATIS-NET_1980653152.EXE, Se eliminará al reiniciar, [6141], [516690],1.0.7915
> 
> Sector físico: 0
> (No hay elementos maliciosos detectados)
> 
> WMI: 0
> (No hay elementos maliciosos detectados)
> 
> (end)
> # -------------------------------
> # Malwarebytes AdwCleaner 7.2.4.0
> # -------------------------------
> # Build:    09-25-2018
> # Database: 2018-11-19.1 (Cloud)
> # Support:  https://www.malwarebytes.com/support
> #
> # -------------------------------
> # Mode: Scan
> # -------------------------------
> # Start:    11-24-2018
> # Duration: 00:00:41
> # OS:       Windows 8.1 Enterprise
> # Scanned:  32104
> # Detected: 0
> 
> 
> ***** [ Services ] *****
> 
> No malicious services found.
> 
> ***** [ Folders ] *****
> 
> No malicious folders found.
> 
> ***** [ Files ] *****
> 
> No malicious files found.
> 
> ***** [ DLL ] *****
> 
> No malicious DLLs found.
> 
> ***** [ WMI ] *****
> 
> No malicious WMI found.
> 
> ***** [ Shortcuts ] *****
> 
> No malicious shortcuts found.
> 
> ***** [ Tasks ] *****
> 
> No malicious tasks found.
> 
> ***** [ Registry ] *****
> 
> No malicious registry entries found.
> 
> ***** [ Chromium (and derivatives) ] *****
> 
> No malicious Chromium entries found.
> 
> ***** [ Chromium URLs ] *****
> 
> No malicious Chromium URLs found.
> 
> ***** [ Firefox (and derivatives) ] *****
> 
> No malicious Firefox entries found.
> 
> ***** [ Firefox URLs ] *****
> 
> No malicious Firefox URLs found.
> 
> 
> AdwCleaner[S00].txt - [1257 octets] - [28/10/2018 22:15:20]
> 
> ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Junkware Removal Tool (JRT) by Malwarebytes
> Version: 8.1.4 (07.09.2017)
> Operating System: Windows 8.1 Enterprise x64 
> Ran by Antonio (Administrator) on 24/11/2018 at 17:06:46,20
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> 
> 
> 
> File System: 1 
> 
> Successfully deleted: C:\ProgramData\esellerate (Folder) 
> 
> 
> 
> Registry: 2 
> 
> Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
> Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
> 
> 
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Scan was completed on 24/11/2018 at 17:10:11,44
> End of JRT log
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#7
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by Antonio (24-11-2018 17:21:40)
Running from C:\Users\Antonio\Desktop\VIRUS
Windows 8.1 Enterprise (Update) (X64) (2017-12-06 15:51:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1492494534-3052034158-2930290983-500 - Administrator - Disabled)
Antonio (S-1-5-21-1492494534-3052034158-2930290983-1001 - Administrator - Enabled) => C:\Users\Antonio
ARACELI (S-1-5-21-1492494534-3052034158-2930290983-1006 - Limited - Enabled) => C:\Users\ARACELI
CLAUDIA (S-1-5-21-1492494534-3052034158-2930290983-1005 - Limited - Enabled) => C:\Users\CLAUDIA
Invitado (S-1-5-21-1492494534-3052034158-2930290983-501 - Limited - Disabled)
SANDRA (S-1-5-21-1492494534-3052034158-2930290983-1004 - Limited - Enabled) => C:\Users\SANDRA

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\uTorrent) (Version: 3.5.4.44809 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
ACP Application (HKLM\...\{9BAEAD2E-B7A3-13A3-A589-A1541CB0856C}) (Version: 2017.0704.1801.49 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2018 (HKLM-x32\...\DRWV_18_0) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_0_1) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Airflow (64-bit) (HKLM\...\Airflow (64-bit)) (Version: 2.3.13 - BitCave)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Argente Utilities 1.0.6.5 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.6.5 - Raúl Argente)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.103 - AVAST Software)
AVerMedia A835 USB DVB-T 8.2.64.64 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 8.2.64.64 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
Blender (HKLM\...\{6B32721F-EA02-40BB-B781-92404BA3485C}) (Version: 2.79.1 - Blender Foundation)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version:  - Boris FX, Inc.)
Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - )
Canon MP Navigator EX 1.2 (HKLM-x32\...\MP Navigator EX 1.2) (Version:  - )
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - )
Catalyst Control Center Next Localization BR (HKLM\...\{AA6F7B8A-64C1-C3B8-D1E9-9D4506F7839E}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{7F40BDF1-4722-3D7C-163B-FC7258C4A957}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{2955F53C-4BBF-92E9-73BD-3406950F182D}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{4FFB703F-DA14-282C-00B8-2077728F8C51}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9271214E-CA3A-CB4C-CBE8-0837D42E045F}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CC45B2E1-3656-A28B-6893-C83B8EA4B075}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{E87B2B22-8537-1BF0-8F90-B8BD975EF8C0}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{73859017-7296-076D-1FA8-E8F03EC76D8E}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{D8DF0E67-3219-7780-9EA6-70D6645577AA}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4B93DFA4-2484-EABC-F66B-A2ACD6FF6763}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{7D76E4B6-04AC-CA12-5598-52C0D9605A38}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{063C1F20-E362-67B9-F3CC-2055AD5E793D}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{7F46DD0A-DDEB-F42D-54D3-C73D98FF0D15}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{05FF29CB-76BB-B80E-0625-3B5F256DCC71}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{03565BED-2B0D-EF07-C618-54EF20DEE342}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{51896E55-4CDE-75FF-5345-92A53B27D75F}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{6B3D45BE-8B28-D35A-8AFD-2697A4DB401D}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D780E47-1603-2276-1624-01E42AA063D4}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{019DF301-4F07-B0B7-69D6-D6E02A21EC66}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{8D2A7E10-CB64-F842-C11B-677CDA6E7181}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{46215A7F-73E6-BA1B-2DFF-76DD475F5C74}) (Version: 2017.0704.1721.31196 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP)
Complete Internet Repair 5.1.0.3896 (HKLM\...\Complete Internet Repair_is1) (Version: 5.1.0.3896 - Rizonesoft)
Corel PaintShop Pro 2018 (HKLM-x32\...\_{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation)
Corel Update Manager (HKLM\...\{67881956-8135-4804-9465-BA1419010638}) (Version: 2.9.389 - Corel corporation) Hidden
Corel Update Manager (HKLM-x32\...\{FB8387EF-D663-4152-A13E-6B963AC1052A}) (Version: 2.9.389 - Corel corporation) Hidden
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2026.0 - CyberLink Corp.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.2816.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
DeezLoader Remaster 5.0.0-ALPHA (only current user) (HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\cf593a38-21bb-5a94-b76f-49ad187dd0c1) (Version: 5.0.0-ALPHA - Ivan de la Beldad Fernandez)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
Driver Easy 5.6.2 (HKLM\...\DriverEasy_is1) (Version: 5.6.2 - Easeware)
Easy Tune 6 B13.1211.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B13.1211.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Epic Games Launcher (HKLM-x32\...\{79F5479A-BF71-4F4C-9C49-9D616AF923DE}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotoprix FotoLibro v5.6.56.478 (HKLM\...\{3E451A42-50B4-4FD7-890E-A08B217F39E2}_is1) (Version: 5.6.56.478 - Ikatz, S.A.)
Free Audio Editor (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
Freemake Video Converter versión 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Glary Utilities 5.92 (HKLM-x32\...\Glary Utilities 5) (Version: 5.92.0.114 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Google Chrome SxS) (Version: 66.0.3354.0 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Google Chrome SxS) (Version: 66.0.3354.0 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Google Chrome SxS) (Version: 66.0.3354.0 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoPro (HKLM\...\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}) (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (HKLM-x32\...\{99502BF0-655A-425D-8754-9EEC557D3D73}) (Version: 5.9.2733 - GoPro, Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
ICA (HKLM-x32\...\{6000096B-318C-40F8-A450-043B6A602D16}) (Version: 20.0.0.132 - Corel Corporation) Hidden
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
InPixio Photo Clip 7 (HKLM-x32\...\{829CAB57-8D17-49F8-A5B0-302B501FCEC2}) (Version: 7.0.0 - InPixio)
InstaCards (HKLM-x32\...\{58259C24-7B5E-4977-93B0-E9EEA1B884CE}) (Version: 1.6.2 - InPixio)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IPM_PSP_COM64 (HKLM\...\{2013AABB-7212-4D79-B13B-25E567C2D0E4}) (Version: 20.0.0.132 - Corel Corporation) Hidden
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Codec Pack 14.4.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Profesional 2016 - es-es (HKLM\...\ProfessionalRetail - es-es) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Studio 15.0 Platinum (HKLM\...\{DE446A8F-891E-11E8-A17E-00155D6302F2}) (Version: 15.0.146 - VEGAS)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{D878FFD1-8BEC-11E6-840D-F7EA595EA544}) (Version: 13.0.981 - VEGAS)
Mozilla Firefox 63.0.3 (x64 es-ES) (HKLM\...\Mozilla Firefox 63.0.3 (x64 es-ES)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Music Recorder (HKLM-x32\...\{F3949798-3544-433B-B5AB-A61F32F0386F}) (Version: 18.001.2 - Nero AG) Hidden
Nero 2018 (HKLM-x32\...\{5637174D-25C6-4815-93CD-AD18561D4E7C}) (Version: 19.0.07300 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version:  - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version:  - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version:  - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version:  - )
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version:  - )
NewBlue Free Effects for Windows (HKLM-x32\...\NewBlue Free Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version:  - )
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro (HKLM\...\{DED283CF-9FC6-4AC2-9D25-86A5E7740E16}) (Version: 11.0.3.173 - Nitro)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON1 Effects 10 (HKLM\...\ON1 Effects 10 PE) (Version: 10.5.2 - ON1)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 56.0.3051.104 (HKLM-x32\...\Opera 56.0.3051.104) (Version: 56.0.3051.104 - Opera Software)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
Pinnacle Creative Pack Volume 1 (HKLM\...\{DCFE1E33-F24D-4DE4-A25C-D58DB7565973}) (Version: 6.0 - Corel Corporation)
Pinnacle Hollywood FX Volumes 1-3 (HKLM\...\{8215FA76-B532-49CB-B40B-CDC4781C1765}) (Version: 5.0 - Corel Corporation)
Pinnacle MyDVD (HKLM\...\{28075128-C115-45CB-888A-4491A138A510}) (Version: 2.0.049 - Nombre de su organización) Hidden
Pinnacle MyDVD (HKLM-x32\...\{3A6DDDF3-4A04-47A4-A644-B9F489989750}) (Version: 2.0 - Pinnacle)
Pinnacle NewBlue Effects (HKLM\...\{88033906-A6D4-453C-8685-2A6110B1AC72}) (Version: 4.0.0 - Corel Corporation)
Pinnacle Premium Pack Volumes 1-2 (HKLM-x32\...\{E789702E-A3B1-41AE-89C1-0F8CF1E5DF8A}) (Version: 5.0 - Corel Corporation)
Pinnacle ScoreFitter Volumes 1-2 (HKLM\...\{8A8EF2C9-3FD5-41A3-B652-5EE95544971C}) (Version: 5.0 - Corel Corporation)
Pinnacle Studio 21 (HKLM\...\{41C196DB-9ED2-449E-A056-20E67255BFC8}) (Version: 21.0.1.110 - Corel Corporation)
Pinnacle Title Extreme (HKLM\...\{F92FBC75-02F0-4D54-8986-46E91BEFF5C5}) (Version: 5.0 - Corel Corporation)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Primo (HKLM-x32\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.250 - proDAD GmbH)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
PSPPContent (HKLM-x32\...\{CC719875-8939-48D2-BA50-D5F5673C4C6A}) (Version: 20.0.0.132 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{BBF5A9A0-82BD-4C51-9EAD-624651FE765B}) (Version: 20.0.0.132 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{A8A7345E-0111-4A73-9F0F-560A837BF901}) (Version: 20.0.0.132 - Corel Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registro de usuario de Canon MP190 series (HKLM-x32\...\Registro de usuario de Canon MP190 series) (Version:  - )
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Runtime (HKLM-x32\...\{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
Setup (HKLM-x32\...\{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Nombre de su organización) Hidden
Songr (HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Songr) (Version: 2.1 - Xamasoft)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.00.11130 - Sony Corporation)
Spotify (HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Spotify) (Version: 1.0.93.244.g1e3a05e7 - Spotify AB)
Spotify (HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
Spotify (HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
Spotify (HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sweet Home 3D version 5.6 (HKLM\...\Sweet Home 3D_is1) (Version: 5.6 - eTeks)
TunesKit Spotify Converter 1.2.7.138 (HKLM-x32\...\TunesKit Spotify Converter_is1) (Version:  - TunesKit, Inc.)
UltraISO Premium V9.7 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VEGAS Pro 15.0 (HKLM\...\{E1FCD40F-7FC4-11E7-88AD-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VFW_Codec32 (HKLM-x32\...\{4275850F-4E2E-4F60-9E73-8BD8F70891D3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{7010885D-3378-4C9B-B330-88271728EDE5}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-5) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version:  - winmoviemaker)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1492494534-3052034158-2930290983-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1492494534-3052034158-2930290983-1004_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\SANDRA\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2017-11-17] (Glarysoft Ltd)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2017-03-09] (Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2017-11-17] (Glarysoft Ltd)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2017-11-17] (Glarysoft Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {071EE844-009D-4C3D-A3C9-4A3735B5626F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {0F989D26-BC07-4557-B4AC-E8C61063C9EC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_pepper.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {124E8F9F-AFA0-462A-AB30-9BB93EEC867D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {195232FF-E946-4255-87CF-8E4206D43FC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {1D84DD54-DE12-4F3F-A12B-F8F2631562F3} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {25081192-C19A-42A1-A3F3-E87015A047F0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {32A8FF4C-61F5-43DB-B74D-24DD11DB40EE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {438F3285-E8D6-4A43-8F73-92095412EA89} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001UA => C:\Users\Antonio\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4777CA8E-A678-4484-97C3-F1B55A9DB886} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {50D5C9BD-AB90-4407-B0EA-8A89C7911CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {54BED253-6E9D-427D-BAA2-DF04C5E9C707} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {5BB9B604-6543-4C32-8E81-260EDFB6F33E} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [2018-04-18] (CyberLink Corp.)
Task: {6122D6C1-71C8-4136-8177-ED995EA5AF2A} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {6328528E-4F88-4EA9-B05E-6EAFB3D4DBC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001Core => C:\Users\Antonio\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {6F2DDD95-159B-4DB7-B741-4F9C5E06E745} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-07-04] (Advanced Micro Devices, Inc.)
Task: {7F6F5E0F-6118-451E-8E7C-B6D7AD819B7E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-01] (AVAST Software)
Task: {829E9FCB-524F-4080-9F9E-A655114C79AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06] (Google Inc.)
Task: {878FE0ED-C729-46F3-BE1A-243B0ED803E3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-01] (AVAST Software)
Task: {8A81951B-419F-4165-B8F2-5087C1038C47} - System32\Tasks\Opera scheduled Autoupdate 1528195391 => C:\Program Files\Opera\launcher.exe [2018-11-14] (Opera Software)
Task: {9F848BD7-35B1-4382-8295-670F916D3972} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {AF66B742-C8CD-4890-97DE-7AEB6219B025} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-02-02] (Glarysoft Ltd)
Task: {C34AD028-37F6-4A2A-9B8C-B88F56850E8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {CA06F31B-8008-427B-BA97-216271FC4477} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {CE3F1275-5814-4CBB-84D7-8DE7C781AF9C} - System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-CLAUDIA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {CEEF8443-DC63-41AB-BD02-0D1FA12BF8AB} - System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-SANDRA => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {D0A10B7F-0DE2-4EB8-9545-F1B60A89ABDC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-06] (Google Inc.)
Task: {DC1B7718-8AC4-41CD-A94F-1B7A89D37C0B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-30] (AVAST Software)
Task: {F0EC5D51-23E6-4F82-835B-42B22302C1B4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {F5481715-70EF-4421-AD98-3741239067BE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2017-08-10] (Nero AG)
Task: {FDA8E89C-7159-4C33-8FC4-964ECEB72962} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {FFDEFB60-9A81-46A4-9F1E-3FFE79E3B897} - System32\Tasks\CorelUpdateHelperTask-2C15EA3CA01D3E5FDCE170D20D43DD1D => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-07-04 21:33 - 2014-07-04 21:33 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 000814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 000055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-12-06 17:40 - 2011-04-01 07:52 - 000403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-12-06 17:55 - 2008-01-22 09:35 - 000103808 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-09 09:44 - 2017-03-09 09:44 - 000419016 _____ () C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
2017-03-09 09:43 - 2017-03-09 09:43 - 000320712 _____ () C:\Program Files\Nitro\Pro 11\Nitro_KissMetrics.dll
2017-12-09 22:35 - 2017-12-09 22:35 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2016-05-12 00:39 - 2016-05-12 00:39 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2016-05-12 00:39 - 2016-05-12 00:39 - 001088944 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2018-11-24 10:43 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-11-06 17:14 - 2018-11-06 17:14 - 000100936 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2017-12-06 17:40 - 2012-06-09 11:33 - 000053248 ____R () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2017-12-07 21:49 - 2017-03-20 17:20 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2017-12-07 21:49 - 2017-03-20 17:20 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2017-12-07 21:49 - 2017-03-20 17:20 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2017-12-07 21:49 - 2017-03-20 17:20 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2018-03-14 21:55 - 2018-03-14 21:55 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-22 20:09 - 2018-10-22 20:09 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [478]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-05-18 23:26 - 2018-11-15 17:58 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\Control Panel\Desktop\\Wallpaper -> G:\fotos para comunion sandra\DSCN0906.JPG
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\SANDRA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NeroBackItUpBackgroundService2018 => 2
HKLM\...\StartupApproved\StartupFolder: => "AVerQuick.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{B77D814F-58EE-4407-9728-BACA5D6AD44D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{08E39999-B386-47CB-9D47-A4384D81717E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{31FC0F73-D6AA-43B8-8836-471963B5D0FE}C:\users\sandra\desktop\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\users\sandra\desktop\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{160A363F-13AA-4735-B820-7AAD790599A2}C:\users\sandra\desktop\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\users\sandra\desktop\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{6B86CF53-D3F0-4A8B-9C4B-D67B5068F4AA}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonio\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7838143A-D6B0-41F6-955D-E36FA5A830A7}C:\users\antonio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonio\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C38CAC72-6B79-4C5E-8CE4-5FBDA8824040}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{50148782-B006-4944-8546-E53A36A2A5F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E8712308-C2C1-4A29-853C-B7FDFFE3F943}] => (Allow) C:\Program Files\Airflow\Airflow.exe
FirewallRules: [{89BD1524-EE61-4668-A4B0-AF4E0F891927}] => (Allow) C:\Program Files\Airflow\Airflow.exe
FirewallRules: [{FB30C03E-AF6F-46D8-B220-4EE70A6D15F7}] => (Allow) C:\Program Files\Airflow\Airflow.analyzer.exe
FirewallRules: [{9822DFB0-2F5C-4C24-BD0B-1067DA96F739}] => (Allow) C:\Program Files\Airflow\Airflow.analyzer.exe
FirewallRules: [{90A4FC6D-0E88-401F-ADBB-62472EA05BDB}] => (Allow) C:\Program Files\Airflow\Airflow.server.exe
FirewallRules: [{EB6CC07D-DDB3-4D0B-9A92-2FE915180140}] => (Allow) C:\Program Files\Airflow\Airflow.server.exe
FirewallRules: [{C99C5411-115C-4BF8-9338-B7D885B45742}] => (Allow) C:\Program Files\Airflow\Airflow.transcoder.exe
FirewallRules: [{E16A945C-A18C-483F-9DA2-55C5BF26ABE9}] => (Allow) C:\Program Files\Airflow\Airflow.transcoder.exe
FirewallRules: [TCP Query User{39561DDC-1856-4FA2-BEA9-065007DDF129}C:\program files\on1\on1 effects 10\on1 effects 10.exe] => (Block) C:\program files\on1\on1 effects 10\on1 effects 10.exe
FirewallRules: [UDP Query User{D580F726-A097-4736-81A1-AAF99233ADE5}C:\program files\on1\on1 effects 10\on1 effects 10.exe] => (Block) C:\program files\on1\on1 effects 10\on1 effects 10.exe
FirewallRules: [TCP Query User{996F8AE5-15BD-4478-B703-B8908180AF58}C:\users\antonio\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antonio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{609EA56C-7F76-4192-95F7-77308AAF34F7}C:\users\antonio\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\antonio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{BE7ADF33-BB07-4B87-A147-F3B9C088CE6D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{079A7598-30D0-4C0A-8040-62EC2C1C7BA3}] => (Allow) C:\Program Files\Opera\56.0.3051.99\opera.exe
FirewallRules: [{9591FA06-0EF9-4D6F-BBCE-430CE70D1E69}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0BA145AE-1D91-4CB2-B8C6-BF3CD60AC6B1}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe
FirewallRules: [{7F1EBCCF-E0DE-4989-8F90-C1129B5D5619}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{1584D318-C765-4EF5-AC12-00CEF2E0AAF0}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{9B5C5F2D-600C-4F4B-A180-1C136C3FE32A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{F4C5DDB9-080B-4D9D-A13D-E175F1F6EC72}] => (Allow) C:\Program Files\Opera\56.0.3051.104\opera.exe
FirewallRules: [{BC6E33BC-0E4C-4468-A305-0B77BE868567}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D94264F8-BA4E-4DCD-9B18-C37A090E5E22}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E054E4A1-0739-41E4-99A6-9EAD82D65105}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{EFC79541-23A7-4266-B09F-3BF0C271E655}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F2693CC6-1ADC-4AF0-864E-3A71A05887A8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

14-11-2018 17:37:38 Punto de control programado
17-11-2018 18:17:03 GoPro for Desktop
17-11-2018 18:18:18 Instalador de Módulos de Windows
17-11-2018 22:20:58 Revo Uninstaller's restore point - Fotoprix FotoLibro v5.6.56.478
17-11-2018 22:39:55 Revo Uninstaller's restore point - Fotoprix FotoLibro v5.6.56.478
21-11-2018 20:31:14 Windows Update
24-11-2018 17:06:47 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2018 05:06:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/24/2018 05:06:31 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (11/24/2018 04:41:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (11/24/2018 04:32:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2018 02:15:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2018 02:06:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (11/24/2018 01:57:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/24/2018 01:56:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=17


System errors:
=============
Error: (11/24/2018 05:05:25 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/24/2018 05:04:55 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/24/2018 04:44:01 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {1B1F472E-3221-4826-97DB-2C2324D389AE} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/24/2018 04:43:31 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/24/2018 02:28:04 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/24/2018 01:53:43 PM) (Source: NetBT) (EventID: 4307) (User: )
Description: Error de inicialización debido a que el transporte rehusó abrir las direcciones iniciales.

Error: (11/23/2018 08:36:06 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/22/2018 11:33:23 PM) (Source: DCOM) (EventID: 10010) (User: PCANTONIO)
Description: El servidor {F9717507-6651-4EDB-BFF7-AE615179BCCF} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2017-12-06 17:03:43.450
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Sistema de inspección de red
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2018-11-22 21:38:00.153
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:59.854
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:59.557
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:59.256
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:58.958
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:58.659
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:58.374
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-22 21:37:58.082
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: AMD A10-7850K Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 28%
Total physical RAM: 7111.27 MB
Available physical RAM: 5055.9 MB
Total Virtual: 11955.73 MB
Available Virtual: 9136.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:610.03 GB) NTFS
Drive d: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Fixed) (Total:934.07 GB) (Free:297.75 GB) NTFS
Drive g: (Nuevo vol) (Fixed) (Total:928.85 GB) (Free:167.31 GB) NTFS
Drive h: (Inglés_def_Prin) (CDROM) (Total:0.54 GB) (Free:0 GB) UDF

\\?\Volume{4b86925c-da9c-11e7-824e-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 534337B2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=934.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=928.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9954B94F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Muchas gracias

Saludos.


#8

Hola Javier,

Comentarte que la velocidad de descarga a subido a 370 mb,pero todavia no alcanza los 600 mb

Gracias.


#9

Hola.

Falta por poner el informe de FRST, lo necesitamos para verificar todo correctamente.


#10

Hola Javier,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Ran by Antonio (administrator) on PCANTONIO (24-11-2018 17:20:37)
Running from C:\Users\Antonio\Desktop\VIRUS
Loaded Profiles: Antonio & SANDRA & CLAUDIA & ARACELI (Available Profiles: Antonio & SANDRA & CLAUDIA & ARACELI)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Antonio\Desktop\VIRUS\5FRST64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-25] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-13] (CANON INC.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-05-12] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [AvastBrowserAutoLaunch_604D53CA505D45238863C9AE016C5A2E] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1819312 2018-11-16] (AVAST Software)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Google Update] => C:\Users\SANDRA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [AceStream] => C:\Users\SANDRA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Spotify Web Helper] => C:\Users\SANDRA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34917264 2018-11-19] (Epic Games, Inc.)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Google Update] => C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [AceStream] => C:\Users\CLAUDIA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Spotify Web Helper] => C:\Users\CLAUDIA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe" 
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Google Update] => C:\Users\ARACELI\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [AceStream] => C:\Users\ARACELI\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Spotify Web Helper] => C:\Users\ARACELI\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-12-06]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-12-06]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Herramienta de búsqueda de soportes de PMB.lnk [2017-12-06]
ShortcutTarget: Herramienta de búsqueda de soportes de PMB.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8A5076C9-8253-4E7F-AFC4-6182B0AF21C4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D7FB5DE6-8084-4520-A659-E95B2440C89D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1492494534-3052034158-2930290983-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-12-06] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-12-06] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1492494534-3052034158-2930290983-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1492494534-3052034158-2930290983-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1492494534-3052034158-2930290983-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1492494534-3052034158-2930290983-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: v0rizole.default
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\v0rizole.default [2018-11-24]
FF Extension: (Avast SafePrice) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\v0rizole.default\Extensions\[email protected] [2018-04-12]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\v0rizole.default\Extensions\[email protected] [2018-11-23]
FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\v0rizole.default\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2018-10-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro PDF)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2017-12-09] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default [2018-11-24]
CHR Extension: (Presentaciones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Documentos) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-23]
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-24]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-15]
CHR Extension: (Hojas de cálculo) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-23]
CHR Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-24]
CHR Extension: (Player para ver Movistar+) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-11-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-23]
CHR Extension: (Gmail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-01] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-01] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-06] ()
S3 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9669920 2018-11-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-30] (EasyAntiCheat Ltd)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-12] ()
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] ()
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2017-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-22] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-22] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-22] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-22] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-22] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185072 2018-11-23] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-22] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-22] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-22] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-22] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-22] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-22] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-12-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-12-06] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-12-06] (Glarysoft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-12-06] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-06-03] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-01] (REALiX(tm))
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-24] (Malwarebytes)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2018-01-01] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-02-01] (The OpenVPN Project)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-24 17:19 - 2018-11-24 17:20 - 000000000 ____D C:\FRST
2018-11-24 17:10 - 2018-11-24 17:19 - 000000891 _____ C:\Users\Antonio\Desktop\JRT.txt
2018-11-24 17:00 - 2018-11-24 17:00 - 000001318 _____ C:\Users\Antonio\Desktop\AdwCleaner[S01].txt
2018-11-24 10:43 - 2018-11-24 10:43 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-24 10:43 - 2018-11-24 10:43 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-24 10:43 - 2018-11-24 10:43 - 000002814 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-24 10:43 - 2018-11-24 10:43 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-24 10:43 - 2018-11-24 10:43 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-24 10:43 - 2018-11-24 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-24 10:43 - 2018-11-24 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-24 10:43 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-22 21:35 - 2018-11-22 21:35 - 000052328 _____ () C:\Windows\system32\Drivers\staport.sys.154291892479605
2018-11-22 21:34 - 2018-11-22 21:34 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-22 17:19 - 2018-11-22 17:20 - 000000000 ____D C:\Users\SANDRA\Desktop\catala triemstral
2018-11-22 15:13 - 2018-11-22 15:13 - 001681404 _____ C:\Users\SANDRA\Downloads\Unitat 3 Prosa medieval.pptx
2018-11-20 21:58 - 2018-11-20 22:03 - 000044974 _____ C:\Users\Antonio\Desktop\calendari 2019.pdf
2018-11-20 21:57 - 2018-11-20 21:57 - 000036322 _____ C:\Users\Antonio\Downloads\calendari 2019.pdf
2018-11-19 22:45 - 2018-11-24 17:20 - 000000000 ____D C:\Users\Antonio\Desktop\VIRUS
2018-11-19 22:43 - 2018-11-19 22:43 - 018071560 _____ (Piriform Software Ltd) C:\Users\Antonio\Downloads\ccsetup549.exe
2018-11-19 20:46 - 2018-11-19 20:47 - 019190959 _____ C:\Users\SANDRA\Downloads\ROMA.pptx
2018-11-19 18:57 - 2018-11-19 18:57 - 000034066 _____ C:\Users\SANDRA\Downloads\3. Cant de Ramon. Ramon Llull.pdf
2018-11-18 11:27 - 2018-11-18 11:27 - 000000000 ____D C:\Users\Antonio\Desktop\CRACOVIA
2018-11-17 22:41 - 2018-11-17 22:41 - 000000971 _____ C:\Users\Public\Desktop\Fotoprix FotoLibro.lnk
2018-11-17 22:41 - 2018-11-17 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotoprix FotoLibro
2018-11-17 22:41 - 2018-11-17 22:41 - 000000000 ____D C:\Program Files\FotoPrix
2018-11-17 22:41 - 2017-12-14 01:55 - 002083872 _____ (Embarcadero Technologies, Inc.) C:\Windows\system32\midas.dll
2018-11-17 22:39 - 2018-11-17 22:39 - 002538464 _____ (Fisebupip ) C:\Users\Antonio\Downloads\fotoprix-programas-gratis-net_1980653152.exe
2018-11-17 22:35 - 2018-11-17 22:35 - 035118680 _____ (Ikatz, S.A. ) C:\Users\Antonio\Downloads\setup (2).exe
2018-11-17 22:35 - 2018-11-17 22:35 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\FotoPrix
2018-11-17 22:35 - 2018-11-17 22:35 - 000000000 ____D C:\Users\Antonio\AppData\Local\FotoPrix
2018-11-17 22:35 - 2018-11-17 22:35 - 000000000 ____D C:\ProgramData\FotoPrix
2018-11-17 20:57 - 2018-11-17 21:00 - 000000000 ___RD C:\Users\Antonio\Desktop\PRAGA
2018-11-17 20:55 - 2018-11-17 20:58 - 000000000 ____D C:\Users\Antonio\Desktop\AMSTERDAM
2018-11-17 20:25 - 2018-11-17 23:35 - 000000000 ____D C:\Users\Antonio\Documents\Mis Proyectos
2018-11-17 20:25 - 2018-11-17 20:25 - 035118680 _____ (Ikatz, S.A. ) C:\Users\Antonio\Downloads\setup.exe
2018-11-17 20:25 - 2018-11-17 20:25 - 035118680 _____ (Ikatz, S.A. ) C:\Users\Antonio\Downloads\setup (1).exe
2018-11-17 18:55 - 2018-11-17 18:55 - 000002163 _____ C:\Users\Antonio\Desktop\Ennio Morricone - The Mission Main Theme (Morricone Conducts Morricone).mp3 - Acceso directo.lnk
2018-11-17 18:20 - 2018-11-17 18:21 - 000000000 ____D C:\Users\Antonio\AppData\Local\GoPro
2018-11-17 18:20 - 2018-11-17 18:20 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\GoPro
2018-11-17 18:18 - 2018-11-17 18:18 - 000000826 _____ C:\Users\Public\Desktop\GoPro Studio.lnk
2018-11-17 18:18 - 2018-11-17 18:18 - 000000000 ____D C:\Users\Public\CineForm
2018-11-17 18:17 - 2018-11-17 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2018-11-17 18:17 - 2018-11-17 18:17 - 000466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2018-11-17 18:17 - 2018-11-17 18:17 - 000444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2018-11-17 18:17 - 2018-11-17 18:17 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2018-11-17 18:17 - 2018-11-17 18:17 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2018-11-17 18:17 - 2018-11-17 18:17 - 000000876 _____ C:\Users\Public\Desktop\GoPro.lnk
2018-11-17 18:17 - 2018-11-17 18:17 - 000000000 ____D C:\Program Files\GoPro
2018-11-17 18:17 - 2018-11-17 18:17 - 000000000 ____D C:\Program Files (x86)\OpenAL
2018-11-17 18:17 - 2018-11-17 18:17 - 000000000 ____D C:\Program Files (x86)\GoPro
2018-11-17 18:17 - 2018-11-17 18:17 - 000000000 ____D C:\Program Files (x86)\CineForm
2018-11-17 18:02 - 2018-11-17 18:02 - 000001648 _____ C:\Users\Antonio\Desktop\videoplayback (1).mp4 - Acceso directo.lnk
2018-11-17 17:45 - 2018-11-17 18:12 - 196443168 _____ (GoPro, Inc.) C:\Users\Antonio\Downloads\GoProStudioPC-2.5.9.2658.exe
2018-11-17 17:43 - 2018-11-17 17:43 - 022491901 _____ C:\Users\Antonio\Downloads\videoplayback (1).mp4
2018-11-17 17:16 - 2018-11-17 17:16 - 000001612 _____ C:\Users\Antonio\Desktop\videoplayback.mp4 - Acceso directo.lnk
2018-11-17 17:15 - 2018-11-17 17:15 - 014768611 _____ C:\Users\Antonio\Downloads\videoplayback.mp4
2018-11-16 19:10 - 2018-11-16 19:10 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-11-16 19:10 - 2018-11-16 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-11-15 20:33 - 2018-11-15 20:33 - 000000000 ____D C:\Users\SANDRA\Desktop\Empresas trimestrales
2018-11-14 16:33 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-14 16:33 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-14 16:33 - 2018-10-25 01:46 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 16:33 - 2018-10-25 01:45 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-14 16:33 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 16:33 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-14 16:33 - 2018-10-16 04:46 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 16:33 - 2018-10-16 04:39 - 002171800 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-14 16:33 - 2018-10-16 04:39 - 001662504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 16:33 - 2018-10-16 04:39 - 001063368 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-14 16:33 - 2018-10-16 04:18 - 001137472 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 16:33 - 2018-10-16 04:02 - 001563584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-14 16:33 - 2018-10-16 04:02 - 001214920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-14 16:33 - 2018-10-12 21:35 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-14 16:33 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-14 16:33 - 2018-10-12 21:25 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-14 16:33 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-14 16:33 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-14 16:33 - 2018-10-12 21:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-14 16:33 - 2018-10-12 21:16 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-14 16:33 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-14 16:33 - 2018-10-12 21:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-14 16:33 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-14 16:33 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-14 16:33 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-14 16:33 - 2018-10-12 20:51 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-14 16:33 - 2018-10-12 20:47 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-14 16:33 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-14 16:33 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-14 16:33 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-14 16:33 - 2018-10-12 03:16 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-14 16:33 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-14 16:33 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 16:33 - 2018-10-12 03:10 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-14 16:33 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-14 16:33 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 16:33 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-14 16:33 - 2018-10-12 02:58 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-14 16:33 - 2018-10-12 02:58 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-14 16:33 - 2018-10-12 02:35 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-14 16:33 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-14 16:33 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-14 16:33 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-14 16:33 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 16:33 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-14 16:33 - 2018-10-12 02:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 16:33 - 2018-10-12 02:12 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-14 16:33 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 16:33 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-14 16:33 - 2018-10-06 19:14 - 001547192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-14 16:33 - 2018-10-06 19:14 - 000388536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-14 16:33 - 2018-10-06 19:04 - 001308976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 16:33 - 2018-10-06 19:03 - 000356288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 16:33 - 2018-10-06 17:48 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-14 16:33 - 2018-10-06 16:41 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-14 16:33 - 2018-10-06 16:34 - 002175488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-14 16:33 - 2018-10-06 16:32 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-14 16:33 - 2018-09-28 14:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-14 16:33 - 2018-09-28 14:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-14 16:33 - 2018-09-23 17:47 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 16:33 - 2018-09-23 17:45 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-14 16:33 - 2018-09-23 17:45 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-14 16:33 - 2018-09-23 17:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 16:33 - 2018-09-23 17:24 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 16:33 - 2018-09-23 17:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-14 16:33 - 2018-09-23 17:23 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-14 16:33 - 2018-09-23 17:20 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-14 16:33 - 2018-09-23 17:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-14 16:33 - 2018-09-23 17:00 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-14 16:33 - 2018-09-23 17:00 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-14 16:33 - 2018-09-23 16:58 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 16:33 - 2018-09-23 16:56 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 16:33 - 2018-09-23 16:53 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-14 16:33 - 2018-09-23 16:51 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-14 16:33 - 2018-09-23 16:50 - 000709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-14 16:33 - 2018-09-12 19:30 - 000137008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-14 16:33 - 2018-09-11 16:30 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-14 16:33 - 2018-08-26 04:38 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-14 16:33 - 2018-08-26 04:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-14 16:33 - 2018-08-26 04:21 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-14 16:33 - 2018-08-26 04:21 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2018-11-14 16:33 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\SysWOW64\locale.nls
2018-11-14 16:33 - 2018-08-26 02:45 - 000513448 _____ C:\Windows\system32\locale.nls
2018-11-14 16:33 - 2018-08-21 14:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 16:33 - 2018-08-21 14:35 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-14 16:33 - 2018-08-19 17:22 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-14 16:33 - 2018-08-19 16:52 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 16:33 - 2018-08-19 16:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-14 15:57 - 2018-11-14 15:57 - 000052328 _____ () C:\Windows\system32\Drivers\staport.sys
2018-11-13 15:21 - 2018-11-13 16:03 - 000000000 ____D C:\Users\SANDRA\Desktop\Noticias CMC
2018-11-12 23:51 - 2018-11-12 23:51 - 000065117 _____ C:\Users\Antonio\Downloads\AutorizacionVaga.pdf
2018-11-12 22:19 - 2018-11-12 22:19 - 029885876 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0006.mp4
2018-11-12 22:11 - 2018-11-12 22:11 - 036696425 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0013.mp4
2018-11-12 22:11 - 2018-11-12 22:11 - 035266742 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0012.mp4
2018-11-12 22:11 - 2018-11-12 22:11 - 029695369 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0007 (1).mp4
2018-11-12 22:11 - 2018-11-12 22:11 - 025222707 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0009.mp4
2018-11-12 22:11 - 2018-11-12 22:11 - 022414261 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0008.mp4
2018-11-12 22:10 - 2018-11-12 22:10 - 029695369 _____ C:\Users\Antonio\Downloads\VID-20181112-WA0007.mp4
2018-11-11 20:14 - 2018-11-11 20:14 - 000612317 _____ C:\Users\Antonio\Downloads\TASK6.pdf
2018-11-11 20:13 - 2018-11-11 20:13 - 000612317 _____ C:\Users\Antonio\Desktop\TASK6.pdf
2018-11-11 20:12 - 2018-11-11 20:12 - 000612317 _____ C:\Users\Antonio\Downloads\Nuevo doc 2018-11-11 20.09.12-20181111200933(3).pdf
2018-11-11 20:12 - 2018-11-11 20:12 - 000612317 _____ C:\Users\Antonio\Downloads\Nuevo doc 2018-11-11 20.09.12-20181111200933(2).pdf
2018-11-11 20:12 - 2018-11-11 20:12 - 000612317 _____ C:\Users\Antonio\Downloads\Nuevo doc 2018-11-11 20.09.12-20181111200933 (1).pdf
2018-11-11 20:11 - 2018-11-11 20:11 - 000612317 _____ C:\Users\Antonio\Downloads\Nuevo doc 2018-11-11 20.09.12-20181111200933.pdf
2018-11-11 20:11 - 2018-11-11 20:11 - 000612317 _____ C:\Users\Antonio\Downloads\Nuevo doc 2018-11-11 20.09.12-20181111200933(1).pdf
2018-11-10 22:51 - 2018-11-10 22:51 - 000012951 _____ C:\Users\Antonio\Downloads\El-duodecimo-hombre-(torrent0) (2).torrent
2018-11-10 22:50 - 2018-11-10 22:50 - 000012951 _____ C:\Users\Antonio\Downloads\El-duodecimo-hombre-(torrent0).torrent
2018-11-10 22:50 - 2018-11-10 22:50 - 000012951 _____ C:\Users\Antonio\Downloads\El-duodecimo-hombre-(torrent0) (1).torrent
2018-11-10 22:48 - 2018-11-10 22:48 - 000000000 ____D C:\Users\Antonio\Downloads\El Duodecimo Hombre [1080p][Subtitulado][wWw.EliteTorrent.BiZ]
2018-11-10 22:37 - 2018-11-10 22:37 - 000000000 ____D C:\Users\Antonio\Desktop\berlin
2018-11-10 13:27 - 2018-11-10 13:27 - 003718608 _____ C:\Users\CLAUDIA\Downloads\QA_Clàssics_Tardor_2018_19_Tema0_Introducció.pdf
2018-11-10 13:27 - 2018-11-10 13:27 - 003718608 _____ C:\Users\CLAUDIA\Downloads\QA_Clàssics_Tardor_2018_19_Tema0_Introducció (1).pdf
2018-11-10 13:27 - 2018-11-10 13:27 - 000070555 _____ C:\Users\CLAUDIA\Downloads\Problemes_INTRODUCCIÓ.pdf
2018-11-10 13:26 - 2018-11-10 13:26 - 000399881 _____ C:\Users\CLAUDIA\Downloads\Problemes_addicionals_Introducció.pdf
2018-11-05 23:13 - 2018-11-05 23:13 - 000001776 _____ C:\Users\Antonio\Desktop\45728985551_00c9e45e98_b.jpg - Acceso directo.lnk
2018-11-05 09:00 - 2018-11-05 09:00 - 000364901 _____ C:\Users\CLAUDIA\Downloads\img20181104_19471620.pdf
2018-11-04 20:14 - 2018-11-04 20:14 - 000001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-11-04 20:13 - 2018-11-04 20:13 - 000025819 _____ C:\Users\Antonio\Downloads\Red.Dead.Redemption.2.PC.torrent
2018-11-04 16:39 - 2018-11-04 16:39 - 000011463 _____ C:\Users\Antonio\Downloads\1541093722-Gun City [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-04 16:38 - 2018-11-04 16:38 - 000011823 _____ C:\Users\Antonio\Downloads\1540054824-A la Deriva [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-04 16:35 - 2018-11-04 16:35 - 000020261 _____ C:\Users\Antonio\Downloads\1540422010-Milla 22 [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-04 16:34 - 2018-11-04 16:34 - 000012407 _____ C:\Users\Antonio\Downloads\1541011595-Las Guardianas [Hdrip][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-04 16:30 - 2018-11-04 16:30 - 000012110 _____ C:\Users\Antonio\Downloads\1541011868-The Equalizer 2 [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-04 16:26 - 2018-11-04 16:26 - 000012159 _____ C:\Users\Antonio\Downloads\1541288982-El Mejor Verano de mi Vida [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-11-02 19:19 - 2018-11-02 19:19 - 000064348 _____ C:\Users\Antonio\Downloads\Campeonato_de_Espana_Absoluto_por_Equipos_Masculinos_1_Categoria_2018_Resultados_Resultados_Viernes_2_Nov.pdf
2018-11-02 19:16 - 2018-11-02 19:16 - 000056040 _____ C:\Users\Antonio\Downloads\2018_Campeonato_de_Espana_Absoluto_por_Equipos_Masculinos_3_Categoria_CuadroHonor.pdf
2018-11-01 13:39 - 2018-11-01 13:39 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Speech Graphics
2018-10-30 21:50 - 2018-10-30 21:50 - 000001955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2018-10-30 21:50 - 2018-10-30 21:50 - 000000000 ____D C:\Program Files\Common Files\Nitro
2018-10-30 21:50 - 2018-10-30 21:50 - 000000000 ____D C:\Program Files (x86)\Nitro
2018-10-30 21:50 - 2017-03-09 09:44 - 000031944 _____ (Nitro Software, Inc.) C:\Windows\system32\nitrolocalmon11.dll
2018-10-30 21:50 - 2017-03-09 09:44 - 000020168 _____ (Nitro Software, Inc.) C:\Windows\system32\nitrolocalui11.dll
2018-10-30 21:48 - 2017-04-01 22:22 - 000000000 ____D C:\Users\Antonio\Downloads\NPE11(x64)
2018-10-30 21:46 - 2018-10-30 21:46 - 126237928 _____ C:\Users\Antonio\Downloads\NPE11(x64).rar
2018-10-30 20:11 - 2018-10-30 20:11 - 000192502 _____ C:\Users\Antonio\Downloads\factura_jaztel_J638500292.pdf
2018-10-28 22:48 - 2018-10-28 22:48 - 000000000 _____ C:\Users\Antonio\Downloads\sync_uid
2018-10-28 22:14 - 2018-10-28 22:15 - 000000000 ____D C:\AdwCleaner
2018-10-28 10:43 - 2018-10-28 10:43 - 000016344 _____ C:\Users\Antonio\Downloads\1536197336-Campeones [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-10-28 10:42 - 2018-10-28 10:42 - 000011451 _____ C:\Users\Antonio\Downloads\1539126650-El Mundo es Suyo [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-10-27 22:50 - 2018-10-27 22:50 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\EQATEC Analytics
2018-10-27 16:14 - 2018-10-27 16:15 - 000000000 ____D C:\Users\Antonio\AppData\Local\Airflow
2018-10-27 16:14 - 2018-10-27 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airflow (64-bit)
2018-10-27 16:14 - 2018-10-27 16:14 - 000000000 ____D C:\Program Files\Airflow

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-24 17:00 - 2017-12-06 17:01 - 000003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F137229A-FB15-4425-97AB-B9B652A2D758}
2018-11-24 16:42 - 2017-12-07 17:21 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1004
2018-11-24 16:42 - 2017-12-06 16:57 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1001
2018-11-24 10:48 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-11-24 10:43 - 2017-12-06 20:59 - 000000000 ____D C:\Program Files\CCleaner
2018-11-24 10:17 - 2018-07-17 18:42 - 000000000 ____D C:\Users\Antonio\AppData\Local\AVAST Software
2018-11-24 10:17 - 2017-12-06 16:56 - 000000000 ___DO C:\Users\Antonio\OneDrive
2018-11-23 23:46 - 2017-12-10 19:17 - 000000000 ____D C:\Users\Antonio\AppData\Local\Spotify
2018-11-23 23:40 - 2018-08-19 21:13 - 000003142 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTask-2C15EA3CA01D3E5FDCE170D20D43DD1D
2018-11-23 23:03 - 2017-12-10 19:16 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Spotify
2018-11-23 23:03 - 2017-12-06 19:02 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Mozilla
2018-11-23 22:53 - 2018-09-01 19:00 - 000003168 _____ C:\Windows\System32\Tasks\PDRStyleAgent
2018-11-23 22:53 - 2018-06-05 11:43 - 000003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1528195391
2018-11-23 22:53 - 2018-05-30 10:13 - 000003464 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-CLAUDIA
2018-11-23 22:53 - 2018-05-18 22:12 - 000003160 _____ C:\Windows\System32\Tasks\StartCN
2018-11-23 22:53 - 2018-02-15 11:58 - 000003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1492494534-3052034158-2930290983-1004
2018-11-23 22:53 - 2018-02-02 22:49 - 000003464 _____ C:\Windows\System32\Tasks\[email protected]
2018-11-23 22:53 - 2018-02-01 21:32 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-SANDRA
2018-11-23 22:53 - 2017-12-16 17:14 - 000003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{71B25F3B-0A1F-4206-8482-916831445966}
2018-11-23 22:53 - 2017-12-11 20:05 - 000003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{90C2676F-5F50-4938-B436-F1179AD1ECA3}
2018-11-23 22:53 - 2017-12-11 11:14 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1005
2018-11-23 22:53 - 2017-12-10 17:05 - 000003714 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001UA
2018-11-23 22:53 - 2017-12-10 17:05 - 000003442 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001Core
2018-11-23 22:53 - 2017-12-09 22:15 - 000003508 _____ C:\Windows\System32\Tasks\[email protected]
2018-11-23 22:53 - 2017-12-08 00:19 - 000003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1492494534-3052034158-2930290983-1001
2018-11-23 22:53 - 2017-12-07 20:20 - 000003322 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2018-11-23 22:53 - 2017-12-06 20:58 - 000002978 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2018-11-23 22:53 - 2017-12-06 19:08 - 000004504 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-23 22:53 - 2017-12-06 19:08 - 000004332 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-23 22:53 - 2017-12-06 19:06 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-23 22:53 - 2017-12-06 17:04 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-23 22:53 - 2017-12-06 17:04 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-23 22:53 - 2017-12-06 17:03 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-11-23 22:20 - 2017-12-17 20:45 - 000000000 ____D C:\Users\Antonio\Documents\AVerTV
2018-11-23 20:47 - 2018-01-06 19:49 - 000185072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-22 21:42 - 2018-09-01 20:01 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 21:35 - 2017-12-06 17:03 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-22 21:34 - 2018-10-22 20:10 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-22 21:34 - 2017-12-06 17:03 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-22 21:33 - 2017-12-06 17:03 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-22 21:33 - 2017-12-06 17:03 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-22 21:33 - 2017-12-06 17:03 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-22 21:33 - 2017-12-06 17:03 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-22 21:33 - 2017-12-06 17:03 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-22 17:20 - 2017-12-06 22:58 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Packages
2018-11-22 15:23 - 2018-06-30 11:15 - 000000000 ____D C:\Users\SANDRA\Desktop\Fortnite
2018-11-21 20:32 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-11-20 15:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-20 15:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-20 15:06 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2018-11-19 23:01 - 2017-12-06 18:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-19 22:41 - 2018-06-05 11:43 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2018-11-19 22:41 - 2018-06-05 11:43 - 000000000 ____D C:\Program Files\Opera
2018-11-19 22:34 - 2017-12-06 19:09 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\uTorrent
2018-11-19 21:57 - 2017-12-06 19:02 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-19 21:57 - 2017-12-06 19:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-19 21:57 - 2017-12-06 19:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-18 18:53 - 2017-12-06 18:08 - 000002342 _____ C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2018-11-18 11:27 - 2017-12-09 00:07 - 000000000 ___RD C:\Users\Antonio\Desktop\OFICINA
2018-11-17 20:26 - 2014-11-21 00:03 - 001832546 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-17 20:26 - 2014-11-20 23:21 - 000810810 _____ C:\Windows\system32\perfh00A.dat
2018-11-17 20:26 - 2014-11-20 23:21 - 000167046 _____ C:\Windows\system32\perfc00A.dat
2018-11-17 20:23 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-11-17 18:18 - 2017-12-06 16:58 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-17 17:29 - 2017-12-26 22:04 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Temp
2018-11-16 22:29 - 2018-10-12 09:57 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-16 22:29 - 2018-10-12 09:57 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 19:44 - 2017-12-06 22:58 - 000002339 _____ C:\Users\SANDRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2018-11-16 19:14 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-16 19:06 - 2017-12-06 18:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-15 16:31 - 2017-12-08 23:29 - 000000000 ____D C:\Users\Antonio\AppData\Local\CrashDumps
2018-11-15 13:51 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-15 13:51 - 2013-08-22 15:44 - 000550560 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-14 23:30 - 2017-12-06 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-11-14 23:30 - 2013-08-22 14:25 - 000524288 ___SH C:\Windows\system32\config\BBI
2018-11-14 17:30 - 2017-12-07 19:03 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 17:01 - 2017-12-07 19:03 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-14 15:57 - 2017-12-06 19:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-13 16:40 - 2017-12-06 20:50 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-11-12 22:25 - 2017-12-06 21:04 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\vlc
2018-11-10 00:02 - 2018-10-23 20:30 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-05 19:15 - 2017-12-06 22:58 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Google
2018-11-05 09:02 - 2017-12-06 22:54 - 000000000 ____D C:\Users\CLAUDIA
2018-11-05 08:59 - 2017-12-11 11:15 - 000002277 _____ C:\Users\CLAUDIA\Desktop\Google Chrome.lnk
2018-11-04 20:11 - 2017-12-06 22:49 - 000000000 ____D C:\Users\ARACELI
2018-11-02 22:56 - 2017-12-08 23:29 - 000000000 ____D C:\Users\Antonio\AppData\Local\Pinnacle
2018-11-02 22:56 - 2017-12-08 23:28 - 000001142 _____ C:\Users\Antonio\AppData\Roaming\PCANTONIO.MTBF.txt
2018-11-02 22:56 - 2017-12-08 23:18 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2018-11-02 19:02 - 2017-12-06 17:55 - 000000000 ____D C:\ProgramData\CanonIJPLM
2018-11-01 01:42 - 2017-12-06 16:51 - 000000000 ____D C:\Users\Antonio
2018-10-30 20:06 - 2017-12-09 00:11 - 000000000 ___RD C:\Users\Antonio\Desktop\LIMPIEZA
2018-10-27 22:50 - 2017-12-09 19:56 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\ON1
2018-10-27 19:32 - 2017-12-08 23:43 - 000000000 ___RD C:\Users\Antonio\Desktop\ACCESOS

==================== Files in the root of some directories =======

2017-12-08 23:28 - 2018-11-02 22:56 - 000001142 _____ () C:\Users\Antonio\AppData\Roaming\PCANTONIO.MTBF.txt
2018-10-18 22:23 - 2018-10-19 16:18 - 000005120 _____ () C:\Users\Antonio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 _____ () C:\Users\Antonio\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2018-11-10 12:17 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\CLAUDIA\AppData\Local\Temp\kernel32.dll
2018-10-23 13:59 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\SANDRA\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-11 09:56

==================== End of FRST.txt ============================

Gracias


#11

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8 :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CustomCLSID: HKU\S-1-5-21-1492494534-3052034158-2930290983-1004_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\SANDRA\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
Task: {50D5C9BD-AB90-4407-B0EA-8A89C7911CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {AF66B742-C8CD-4890-97DE-7AEB6219B025} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-02-02] (Glarysoft Ltd)
Task: {CA06F31B-8008-427B-BA97-216271FC4477} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {F5481715-70EF-4421-AD98-3741239067BE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2017-08-10] (Nero AG)
Task: {FDA8E89C-7159-4C33-8FC4-964ECEB72962} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
AlternateDataStreams: C:\Users\Public\AppData:CSM [478]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Google Update] => C:\Users\SANDRA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [AceStream] => C:\Users\SANDRA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Spotify Web Helper] => C:\Users\SANDRA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34917264 2018-11-19] (Epic Games, Inc.)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Google Update] => C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [AceStream] => C:\Users\CLAUDIA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Spotify Web Helper] => C:\Users\CLAUDIA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Google Update] => C:\Users\ARACELI\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [AceStream] => C:\Users\ARACELI\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Spotify Web Helper] => C:\Users\ARACELI\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe"
Startup: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Herramienta de búsqueda de soportes de PMB.lnk [2017-12-06]
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-06-03] ()
2018-10-18 22:23 - 2018-10-19 16:18 - 000005120 _____ () C:\Users\Antonio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 _____ () C:\Users\Antonio\AppData\Local\oobelibMkey.log
2018-11-10 12:17 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\CLAUDIA\AppData\Local\Temp\kernel32.dll
2018-10-23 13:59 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\SANDRA\AppData\Local\Temp\kernel32.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.


#12

Hola Javier,

He pasado test de velocidad y la descarga varia según el navegador así en Chrome la descarga es : 367 mb y en Firefox: 480 mb

Pego el reporte:


Fix result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by Antonio (25-11-2018 19:51:52) Run:1
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio (Available Profiles: Antonio & SANDRA & CLAUDIA & ARACELI)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CustomCLSID: HKU\S-1-5-21-1492494534-3052034158-2930290983-1004_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\SANDRA\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
Task: {50D5C9BD-AB90-4407-B0EA-8A89C7911CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {AF66B742-C8CD-4890-97DE-7AEB6219B025} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-02-02] (Glarysoft Ltd)
Task: {CA06F31B-8008-427B-BA97-216271FC4477} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {F5481715-70EF-4421-AD98-3741239067BE} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2017-08-10] (Nero AG)
Task: {FDA8E89C-7159-4C33-8FC4-964ECEB72962} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
AlternateDataStreams: C:\Users\Public\AppData:CSM [478]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Google Update] => C:\Users\SANDRA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [AceStream] => C:\Users\SANDRA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [Spotify Web Helper] => C:\Users\SANDRA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34917264 2018-11-19] (Epic Games, Inc.)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Google Update] => C:\Users\CLAUDIA\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [AceStream] => C:\Users\CLAUDIA\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\Run: [Spotify Web Helper] => C:\Users\CLAUDIA\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe"
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Google Update] => C:\Users\ARACELI\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [AceStream] => C:\Users\ARACELI\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\Run: [Spotify Web Helper] => C:\Users\ARACELI\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\...\MountPoints2: {4b869262-da9c-11e7-824e-806e6f6e6963} - "H:\Run.exe"
Startup: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Herramienta de b�squeda de soportes de PMB.lnk [2017-12-06]
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-06-03] ()
2018-10-18 22:23 - 2018-10-19 16:18 - 000005120 _____ () C:\Users\Antonio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-29 10:25 - 2018-09-29 10:25 - 000000000 _____ () C:\Users\Antonio\AppData\Local\oobelibMkey.log
2018-11-10 12:17 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\CLAUDIA\AppData\Local\Temp\kernel32.dll
2018-10-23 13:59 - 2014-11-21 00:18 - 001040384 _____ (Microsoft Corporation) C:\Users\SANDRA\AppData\Local\Temp\kernel32.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{50D5C9BD-AB90-4407-B0EA-8A89C7911CAA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50D5C9BD-AB90-4407-B0EA-8A89C7911CAA}" => removed successfully
C:\Windows\System32\Tasks\CCleaner Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF66B742-C8CD-4890-97DE-7AEB6219B025}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF66B742-C8CD-4890-97DE-7AEB6219B025}" => removed successfully
C:\Windows\System32\Tasks\GU5SkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GU5SkipUAC" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA06F31B-8008-427B-BA97-216271FC4477}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA06F31B-8008-427B-BA97-216271FC4477}" => removed successfully
C:\Windows\System32\Tasks\[email protected] => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\[email protected]" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5481715-70EF-4421-AD98-3741239067BE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5481715-70EF-4421-AD98-3741239067BE}" => removed successfully
C:\Windows\System32\Tasks\Nero\Nero Info => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nero\Nero Info" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDA8E89C-7159-4C33-8FC4-964ECEB72962}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDA8E89C-7159-4C33-8FC4-964ECEB72962}" => removed successfully
C:\Windows\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\AceStream" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1004\Software\Microsoft\Windows\CurrentVersion\Run\\EpicGamesLauncher" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Windows\CurrentVersion\Run\\AceStream" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b869262-da9c-11e7-824e-806e6f6e6963}" => not found
HKLM\Software\Classes\CLSID\{4b869262-da9c-11e7-824e-806e6f6e6963} => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Windows\CurrentVersion\Run\\AceStream" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper" => not found
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b869262-da9c-11e7-824e-806e6f6e6963}" => not found
HKLM\Software\Classes\CLSID\{4b869262-da9c-11e7-824e-806e6f6e6963} => not found
"C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Herramienta de b�squeda de soportes de PMB.lnk" => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKLM\System\CurrentControlSet\Services\hitmanpro37 => removed successfully
hitmanpro37 => service removed successfully
C:\Users\Antonio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Antonio\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\CLAUDIA\AppData\Local\Temp\kernel32.dll => moved successfully
C:\Users\SANDRA\AppData\Local\Temp\kernel32.dll => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : home

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::51d2:c946:d591:928a%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.37
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67594373 B
Java, Flash, Steam htmlcache => 1440 B
Windows/system/drivers => 2178670 B
Edge => 0 B
Chrome => 364167184 B
Firefox => 598880157 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 832 B
NetworkService => 0 B
Antonio => 229606778 B
SANDRA => 314717105 B
CLAUDIA => 2477838 B
ARACELI => 0 B

RecycleBin => 4088395 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:53:58 ====

Gracias.


#13

Hola.

Revisa la lista de programas instalados, la que se ve en el informe de Addtion.txt que nos pusiste, lo veras justo debajo del apartado :

==================== Installed Programs ======================

Y comprueba SI TODOS los que aparece los conoces y tienes claro haberlos instalado TU.

Dinos cuales NO conoces de esa lista. :thinking:

Saludos.


#15

-Complete Internet Repair

-Primo (HKLM-x32…{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden

-Runtime (HKLM-x32…{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden

-Setup (HKLM-x32…{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Nombre de su organización) Hidden

-TunesKit Spotify Converter 1.2.7.138 (HKLM-x32…\TunesKit Spotify Converter_is1) (Version: - TunesKit, Inc.)

Así queda más claro.

Saludos.


#16

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8 :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Runtime (HKLM-x32…{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
Setup (HKLM-x32…{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Nombre de su organización) Hidden
Primo (HKLM-x32…{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.


#17

Hola Javier,

Perdona el retraso,he realizado los pasos.Haciendo el test con Speedtest en Chrome la descarga es: 370 mb en Firefox: 444 mb.He bajado la aplicación de Speedtest y la ejecuto desde el escritorio y da: 610 mb de descarga.

Pego el reporte:

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Antonio (01-12-2018 19:35:20) Run:3
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio (Available Profiles: Antonio & SANDRA & CLAUDIA & ARACELI)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Runtime (HKLM-x32�{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
Setup (HKLM-x32�{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Nombre de su organizaci�n) Hidden
Primo (HKLM-x32�{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Runtime (HKLM-x32�{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden\\SystemComponent" => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Setup (HKLM-x32�{C9C9ACD1-F275-45CB-B507-96486DB5E608}) (Version: 20.0.0.132 - Nombre de su organizaci�n) Hidden\\SystemComponent" => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Primo (HKLM-x32�{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden\\SystemComponent" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : home

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::51d2:c946:d591:928a%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.37
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19032389 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 36815 B
Edge => 0 B
Chrome => 329020307 B
Firefox => 25475717 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 832 B
NetworkService => 0 B
Antonio => 18492693 B
SANDRA => 0 B
CLAUDIA => 0 B
ARACELI => 0 B

RecycleBin => 16591 B
EmptyTemp: => 373.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:35:45 ====

Muchas gracias.


#18

Hola.

Y ahora utilizando Revouninstaller, que veo lo tienes instalado, úsalo para desinstalar desde su modo AVANZADO estos programas :

Cuando hayas terminado REINICIAS el equipo y compruebas.

Saludos.


#19

Hola Javier,

Primo,Runtime y Setup no los encuentra Revounistaller.

Saludos


#20

REINICIA el equipo y comprueba su funcionamiento. :thinking:


#21

Firefox 480 mb y Chrome 296 mb de descarga.

Parece que sigue igual.

Saludos.


#22

Hola.

Ya te dije que seria difícil recuperar esos teóricos 600mb de conexión que te da tu proveedor de Internet. :smirk:

Y ahora ejecuta un análisis con :arrow_forward: ESET Online y cuando te salga esta pantalla :


Debes seguir estos pasos :

  • 1.- Marcas :ballot_box_with_check: todas esas opciones.
  • 2.- Pulsar sobre " Cambiar……" y seleccionas todas las unidades de disco y/o usb que tengas.
  • 3.- Pulsar en “Iniciar” y comenzara el análisis.

Con esto realizaras un análisis completo de todo el equipo, cuando termines todo el proceso, guardas el informe, que veras la opción para exportar/guardar en TXT y lo dejas guardado en tu escritorio para ponerlo en tu próxima respuesta.

Finalizas el proceso desinfectando los elementos encontrados y Reinicia tu PC, y nos pones el informe en tu próxima respuesta.

Y coméntanos como funciona tu equipo.

Saludos.