Publicidad extraña y persistente en navegadores y buscadores varios

Guillef · 6 Enero, 2021 06:54

Hola a todos! ¿Cómo están?

Desde hace un tiempo que cuando realizo alguna búsqueda en Google, Bing, Yahoo me aparecen unas publicidades extrañas. Intenté varias cosas, siguiendo los temas similares, para quitarlas pero por el momento no pude. Detallo lo que hice y adjunto los logs:

Instalé el Malwarebytes, lo ejecuté y limpié lo que me sugirió
Instalé el Spybot, lo ejecuté y limpié todo
Instalé el ZHPCleaner (no lo entendí muy bien) pero corrí y limpié lo que me sugirió (en este caso se solucionó el problema, pero cuando reinicié la notebook volvieron a a parecer las publicidades), lo probé varias veces y siempre lo mismo.
Hice los analisis con el Fabra Recovery Scan Tool y el Hijackthis

El sistema operativo es Windows 10, y el problema ocurre tanto en Chrome como en Edge.

Ultimo log Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 5/1/21
Hora del análisis: 20:28
Archivo de registro: a688ef60-4fad-11eb-803f-f875a470bb39.json

-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1130
Versión del paquete de actualización: 1.0.35335
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.1256)
CPU: x64
Sistema de archivos: NTFS
Usuario: GUILLERMO-NTB\guill

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 670058
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 hr, 43 min, 14 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Log Spybot

Search results from Spybot - Search & Destroy

6/1/2021 02:40:28
Scan took 00:17:45.
12 items found.

CasaleMedia: [SBI $ASBRCOOK] Tracking cookie (Internet Explorer (User): guill) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

DoubleClick: [SBI $ASBRCOOK] Tracking cookie (Internet Explorer (User): guill) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

DoubleClick: [SBI $ASBRCOOK] Tracking cookie (Google Chrome: Default) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Microsoft Management Console\Recent File List
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $BCOOKIES] Browser: Cookie (32) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $BCACHE00] Browser: Cache (202) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

History: [SBI $BHISTORY] Browser: History (37) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $BCOOKIES] Browser: Cookie (268) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $BCACHE00] Browser: Cache (9375) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

History: [SBI $BHISTORY] Browser: History (263) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54


--- Spybot - Search & Destroy version: 2.7.64.131  DLL (build: 20180214) ---

2018-04-20 blindman.exe (2.7.64.152)
2018-04-20 explorer.exe (2.7.64.191)
2018-02-06 SDBootCD.exe (2.7.64.109)
2018-04-20 SDCleaner.exe (2.7.64.110)
2018-04-20 SDDelFile.exe (2.7.64.94)
2018-04-20 SDFiles.exe (2.7.64.137)
2018-04-20 SDFileScanHelper.exe (2.7.64.7)
2018-04-20 SDFSSvc.exe (2.7.64.219)
2018-04-20 SDHelp.exe (2.7.64.1)
2018-02-06 SDHookHelper.exe (2.7.64.2)
2018-02-06 SDHookInst32.exe (2.7.64.2)
2018-02-06 SDHookInst64.exe (2.7.64.2)
2018-04-20 SDImmunize.exe (2.7.64.133)
2018-04-20 SDLogReport.exe (2.7.64.107)
2018-04-20 SDOnAccess.exe (2.7.64.12)
2018-04-20 SDPESetup.exe (2.7.64.3)
2018-04-20 SDPEStart.exe (2.7.64.86)
2018-04-20 SDPhoneScan.exe (2.7.64.29)
2018-04-20 SDPRE.exe (2.7.64.22)
2018-02-06 SDPrepPos.exe (2.7.64.15)
2018-04-20 SDQuarantine.exe (2.7.64.103)
2018-02-06 SDRootAlyzer.exe (2.7.64.116)
2018-02-06 SDSBIEdit.exe (2.7.64.39)
2018-04-20 SDScan.exe (2.7.64.191)
2018-02-06 SDScript.exe (2.7.64.54)
2018-04-20 SDSettings.exe (2.7.64.139)
2018-04-20 SDShell.exe (2.7.64.2)
2018-02-06 SDShred.exe (2.7.64.108)
2018-02-06 SDSysRepair.exe (2.7.64.102)
2018-02-06 SDTools.exe (2.7.64.157)
2018-04-20 SDTray.exe (2.7.64.129)
2018-04-20 SDUpdate.exe (2.7.64.98)
2018-04-20 SDUpdSvc.exe (2.7.64.82)
2018-08-08 SDUpgrade.exe (2.7.65.0)
2018-04-20 SDWelcome.exe (2.7.64.131)
2018-02-06 SDWSCSvc.exe (2.7.64.3)
2020-01-15 spybotsd2-install-bdcore-update-2020a.exe (2.8.67.0)
2021-01-05 unins000.exe (51.1052.0.0)
2017-11-28 xcacls.exe
2017-11-28 borlndmm.dll (10.0.2288.42451)
2018-01-29 DelZip190.dll (1.9.0.119)
2018-01-29 DelZip192.dll (1.9.2.136)
2018-01-29 libeay32.dll (1.0.2.14)
2017-11-28 libssl32.dll (1.0.0.4)
2018-02-06 NotificationSpreader.dll (2.7.64.4)
2018-04-20 SDAdvancedCheckLibrary.dll (2.7.64.98)
2018-04-20 SDAV.dll (2.4.40.7)
2018-02-06 SDECon32.dll (2.7.64.114)
2018-03-23 SDECon64.dll (2.7.64.113)
2018-02-06 SDEvents.dll (2.7.64.2)
2018-04-20 SDFileScanLibrary.dll (2.7.64.24)
2018-02-06 SDHook32.dll (2.7.64.2)
2018-02-06 SDHook64.dll (2.7.64.2)
2018-04-20 SDImmunizeLibrary.dll (2.7.64.3)
2018-04-20 SDLicense.dll (2.7.64.3)
2018-04-20 SDLists.dll (2.7.64.8)
2018-02-06 SDResources.dll (2.7.64.7)
2018-04-20 SDScanLibrary.dll (2.7.64.131)
2018-04-20 SDTasks.dll (2.7.64.15)
2018-02-06 SDWinLogon.dll (2.7.64.0)
2018-01-29 sqlite3.dll (3.22.0.0)
2018-01-29 ssleay32.dll (1.0.2.14)
2018-02-06 Tools.dll (2.7.64.36)
2019-07-03 Includes\Adware-000.sbi (*)
2018-09-24 Includes\Adware-001.sbi (*)
2018-09-24 Includes\Adware-002.sbi (*)
2018-09-24 Includes\Adware-003.sbi (*)
2020-12-30 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2017-11-28 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2018-06-20 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2017-01-30 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2016-07-06 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2018-04-04 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2016-05-27 Includes\Keyloggers-000.sbi (*)
2020-04-01 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2015-06-25 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2018-04-12 Includes\Malware-002.sbi (*)
2019-11-20 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2020-12-23 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2014-01-13 Includes\MalwareC.sbi (*)
2018-05-02 Includes\PUPS-000.sbi (*)
2020-12-07 Includes\PUPS-001.sbi (*)
2018-05-02 Includes\PUPS-002.sbi (*)
2018-05-02 Includes\PUPS-003.sbi (*)
2018-05-02 Includes\PUPS-004.sbi (*)
2020-12-30 Includes\PUPS-C.sbi (*)
2014-01-13 Includes\PUPS.sbi (*)
2014-01-13 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2018-08-01 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2015-11-11 Includes\Spyware-000.sbi (*)
2015-05-06 Includes\Spyware-001.sbi (*)
2020-07-29 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2017-06-28 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2017-10-25 Includes\Trojans-002.sbi (*)
2016-01-20 Includes\Trojans-003.sbi (*)
2018-11-28 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2015-03-31 Includes\Trojans-006.sbi (*)
2017-12-01 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2018-11-28 Includes\Trojans-009.sbi (*)
2018-06-21 Includes\Trojans-010.sbi (*)
2020-12-30 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2016-02-03 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)

Log ZHPCleaner

~ ZHPCleaner v2021.1.2.266 by Nicolas Coolman (2021/01/02)
~ Run by guill (Administrator)  (05/01/2021 20:03:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\guill\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\guill\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 18363)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (1)
BORRADOS dados: [X64] HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser [Bad : 0]  =>.SUP.ProxyRestriction

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (9)
MOVIDO carpeta: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-57784C01.pf    =>HackTool.KMSpico
MOVIDO carpeta: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-EAA7ECE0.pf    =>HackTool.KMSpico
MOVIDO carpeta: C:\Windows\SECOH-QAD.dll    =>HackTool.KMSpico

---\  Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados. (Register)

---\  Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.ProxyRestriction
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico

---\ Limpieza adicional. (9)
~ Clave de registro Tracing borrados (9)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 1170
~ Items encontrado : 0
~ artículos cancelados : 2
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/16

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto

~ End of clean in 00h00mn41s

Log Hijackthis

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform:  x64 Windows 10 (Home), 10.0.18363.1256 (ReleaseId: 1909), Service Pack: 0
Time:      06.01.2021 - 02:46 (UTC-03:00)
Language:  OS: Spanish (0xC0A). Display: Spanish (0x80A). Non-Unicode: Spanish (0xC0A)
Elevated:  Yes
Ran by:    guill	(group: Administrator) on GUILLERMO-NTB, FirstRun: yes

Chrome:  87.0.4280.88
Edge:    11.0.18362.1171
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
   3  C:\Program Files (x86)\Dropbox\Client\113.3.427\QtWebEngineProcess.exe
   4  C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
   1  C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
   1  C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
   1  C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
   1  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
   1  C:\Program Files\Avast Software\Avast\AvastSvc.exe
   3  C:\Program Files\Avast Software\Avast\AvastUI.exe
   1  C:\Program Files\Avast Software\Avast\aswEngSrv.exe
   1  C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
   1  C:\Program Files\Avast Software\Avast\aswidsagent.exe
   1  C:\Program Files\Avast Software\Avast\wsc_proxy.exe
   1  C:\Program Files\CCleaner\CCleaner64.exe
   1  C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
   1  C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
   1  C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
   1  C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
   1  C:\Program Files\McAfee\WebAdvisor\servicehost.exe
   1  C:\Program Files\McAfee\WebAdvisor\uihost.exe
   1  C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
   1  C:\Program Files\OpenVPN\bin\openvpn-gui.exe
   1  C:\Program Files\OpenVPN\bin\openvpnserv.exe
   1  C:\Program Files\PowerToys\PowerToys.exe
   1  C:\Program Files\PowerToys\modules\ColorPicker\ColorPickerUI.exe
   1  C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
   1  C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.10.0_neutral__egxr34yet59cg\Package\QuickLook.exe
   1  C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
   1  C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
   1  C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe\YourPhone.exe
   1  C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
   1  C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
   1  C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe
   1  C:\Users\guill\Downloads\HiJackThis.exe
   1  C:\Windows\ImmersiveControlPanel\SystemSettings.exe
   1  C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
   1  C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
   1  C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
   1  C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
   2  C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
   1  C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
   1  C:\Windows\SysWOW64\dllhost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DbxSvc.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
   1  C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
   1  C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\TPMProvisioningService.exe
   2  C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe
   1  C:\Windows\System32\FMService64.exe
   2  C:\Windows\System32\RtkAudUService64.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchFilterHost.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SearchProtocolHost.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SecurityHealthSystray.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   3  C:\Windows\System32\WUDFHost.exe
   1  C:\Windows\System32\audiodg.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   2  C:\Windows\System32\dllhost.exe
   2  C:\Windows\System32\dolbyaposvc\DAX3API.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\oobe\UserOOBEBroker.exe
   1  C:\Windows\System32\rundll32.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
   1  C:\Windows\System32\sppsvc.exe
  79  C:\Windows\System32\svchost.exe
   1  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wbem\WmiPrvSE.exe
   2  C:\Windows\System32\wbem\unsecapp.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\System32\wlanext.exe
   1  C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
   1  C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   1  C:\Windows\explorer.exe

R1 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 0http://127.0.0.1:86/
R1 - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
R1-32 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [AutoConfigURL] = http://127.0.0.1:86/
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [OPENVPN-GUI] = C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\guill\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/10/13)
O4 - HKCU\..\StartupApproved\Run: [utweb] = C:\Users\guill\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED (2020/10/13)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\Avast Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\RtkAudUService64.exe -background
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\sdnclean64.exe
O4 - User Startup: C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk    ->    C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O6 - IE Policy: HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel - present
O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O16-32 - DPF: HKLM\..\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\DownloadInformation: GpcContainer Class [CODEBASE] = 
O17 - DHCP DNS 1: 200.42.4.210
O17 - DHCP DNS 2: 200.49.130.52
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending):  MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced):  MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing):  MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\Avast Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.46.0.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\VantageTelemetryAddinTask - C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe VantageTelemetryAddinTask
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
O22 - Task: Avast Emergency Update - C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: EOSv3 Scheduler onLogOn - C:\Users\guill\Downloads\esetonlinescanner.exe LOGON
O22 - Task: EOSv3 Scheduler onTime - C:\Users\guill\Downloads\esetonlinescanner.exe SCHED
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: InstallShield® Setup Engine Kernel - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
O22 - Task: Optimize Thumbnail Cache - C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\Windows\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\02cf3e5d-041a-4913-bbda-213c65830dc8 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 02cf3e5d-041a-4913-bbda-213c65830dc8
O22 - Task: \Lenovo\ImController\TimeBasedEvents\241eb2f7-d03e-4e42-babd-f46a080c5927 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 241eb2f7-d03e-4e42-babd-f46a080c5927
O22 - Task: \Lenovo\ImController\TimeBasedEvents\336a8d64-d5a1-4ca4-8d8e-d129fe481841 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 336a8d64-d5a1-4ca4-8d8e-d129fe481841
O22 - Task: \Lenovo\ImController\TimeBasedEvents\7b4b1907-99c9-4902-abc1-d629b01e6682 - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 7b4b1907-99c9-4902-abc1-d629b01e6682
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \PowerToys\Autorun for guill - C:\Program Files\PowerToys\PowerToys.exe
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Check for updates - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Refresh immunization - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
O22 - Task: \Safer-Networking\Spybot - Search and Destroy\Scan the system - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
O23 - Service R2: @oem0.inf,%ImcSvcDisplayName%;System Interface Foundation Service - (ImControllerService) - C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\Avast Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\Avast Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe
O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\Windows\system32\dolbyaposvc\DAX3API.exe
O23 - Service R2: Fortemedia APO Control Service - (FMAPOService) - C:\Windows\System32\FMService64.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
O23 - Service R2: Intel(R) Dynamic Tuning service - (esifsvc) - C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
O23 - Service R2: Intel(R) TPM Provisioning Service - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\TPMProvisioningService.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: OpenVPN Interactive Service - (OpenVPNServiceInteractive) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\RtkAudUService64.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Servicio de Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\SocketHeciServer.exe
O23 - Service S3: McSecDashboardService - C:\Program Files\McAfeeDashboard\McSecDashboardService.exe
O23 - Service S3: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: OpenVPN Legacy Service - (OpenVPNServiceLegacy) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service S3: OpenVPNService - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service S3: Servicio de Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc


--
End of file - Time spent: 24,2 sec. - 47836 bytes, CRC32: FFFFFFFF. Sign: 쓞쓴

Los los del Fabra los agrego en respuesta a esta tema, ya que no me deja sumarlos en este por exceso de caracteres

Desde ya agradezco cualquier ayuda que me puedan brindar

Saludos!

Guillermo

Guillef · 6 Enero, 2021 06:56

Log FRST.txt

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-01-2021
Ejecutado por guill (administrador) sobre GUILLERMO-NTB (LENOVO 81SY) (06-01-2021 03:36:04)
Ejecutado desde C:\Users\guill\Downloads
Perfiles cargados: guill
Platform: Windows 10 Home Versión 1909 18363.1256 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\DSRHost.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\113.3.427\QtWebEngineProcess.exe <4>
(Flexera Software LLC -> InstallShield Software Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_3004658ee4d7fe24\lib\TPMProvisioningService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Mega Limited -> Mega Limited) C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Paddy Xu) C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.10.0_neutral__egxr34yet59cg\Package\QuickLook.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\Run: [utweb] => C:\Users\guill\AppData\Roaming\uTorrent Web\utweb.exe [5517440 2020-09-15] (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado]
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. -> )
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [361736 2020-05-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-12] (Google LLC -> Google LLC)
Startup: C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-08-07]
ShortcutTarget: MEGAsync.lnk -> C:\Users\guill\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {1037F972-155E-4105-82DA-7BE06898580D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {1C7DB55B-D222-4FC7-A9B9-848072CC6A32} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F3A705F-36FD-40A0-AC72-0405FB7F9955} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\241eb2f7-d03e-4e42-babd-f46a080c5927 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4073A3C1-EAFB-4E8F-A91D-D5C1BFC20FFE} - System32\Tasks\PowerToys\Autorun for guill => C:\Program Files\PowerToys\PowerToys.exe [1235312 2020-12-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {47AE9CA4-67BB-49A5-A61B-E283AE092CDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-07] (Google LLC -> Google LLC)
Task: {482D68F8-40B3-42BB-AF38-49ADD0B06732} - System32\Tasks\Optimize Thumbnail Cache => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [Archivo no firmado]
Task: {4C533845-401B-445C-BBAA-2502B63AFA6C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\336a8d64-d5a1-4ca4-8d8e-d129fe481841 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {5E0A432C-B170-418B-A57A-E631F19EAC03} - System32\Tasks\InstallShield® Setup Engine Kernel => C:\Program Files (x86)\Common Files\installshield\engine\8\intel 32\iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [Archivo no firmado]
Task: {72B0613C-7CF4-4710-9D16-72467C54519B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C178597-DE27-41E3-9CBF-02082ADAA6D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {871A241F-0FE0-4347-8C7A-1EDBF2B799E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D69B0A8-3DD4-4E7A-84FB-8EA4CA650E23} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {973C620C-C13C-4404-BE12-E483125E7B49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-07] (Google LLC -> Google LLC)
Task: {AB78CFBD-82DA-461E-A2B7-2E9F27BE2162} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7b4b1907-99c9-4902-abc1-d629b01e6682 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B27681FB-3B38-4CDE-B368-420011340CE0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {B2D15335-EE8C-4CCA-B53C-66C96FC0E1D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\02cf3e5d-041a-4913-bbda-213c65830dc8 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C1421056-43F0-49D4-9928-C121FB3FF8AC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C50B121D-90E9-40B8-B0A2-97E991E23CC2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-10-15] (Avast Software s.r.o. -> Avast Software)
Task: {C74FCB0F-0D0E-4905-8626-9936C9C43933} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C984BBD6-7CE5-4BC8-A27A-E5A3B5FD5D7B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {CA00C99F-439A-4012-8067-0573C470A48E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {D0557187-7A29-4F9A-A37C-3E82747D0758} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE73DB03-86EF-46A8-90F5-0E326D5B15A5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {EA06C266-2CCA-4970-ACB1-F7171743A984} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\guill\Downloads\esetonlinescanner.exe [15012440 2021-01-05] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {F12E6AED-84FE-4BFB-BA33-F93DBF0E3C22} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143720 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {F147E6BB-27FD-4E89-A610-5DC3AA60F8DC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {FFB1B1D9-5A03-47D9-B42D-C5EDECACB2BB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\guill\Downloads\esetonlinescanner.exe [15012440 2021-01-05] (ESET, spol. s r.o. -> ESET spol. s r.o.)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATENCIÓN (Restricción - ProxySettings)
AutoConfigURL: [HKLM] => hxxp://127.0.0.1:86/
AutoConfigURL: [HKLM-x32] => hxxp://127.0.0.1:86/
AutoConfigURL: [{16B07233-1D73-4CF8-B806-0A1547523DE1}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{19CC2658-B2D5-45B0-B001-BDBBC0EC2F65}] => hxxp://127.0.0.1:86/
AutoConfigURL: [{F5A3A348-A5AC-49BF-BE7D-FC9BDA043E22}] => hxxp://127.0.0.1:86/
AutoConfigURL: [.DEFAULT] => hxxp://127.0.0.1:86/
AutoConfigURL: [S-1-5-21-4202004038-1327707918-1336093133-1001] => hxxp://127.0.0.1:86/
Tcpip\Parameters: [DhcpNameServer] 200.42.4.210 200.49.130.52 200.49.130.52
Tcpip\..\Interfaces\{4d129e86-2cd3-468f-8bb7-6966ccda929f}: [DhcpNameServer] 192.168.1.5 192.168.1.7 192.168.1.23 8.8.8.8
Tcpip\..\Interfaces\{8814ae54-ab1b-477d-8f95-345652c9c968}: [DhcpNameServer] 150.204.1.2
Tcpip\..\Interfaces\{b03d2a55-1901-4a4f-b46b-65142419dcd2}: [DhcpNameServer] 200.42.4.210 200.49.130.52 200.49.130.52
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restricción <==== ATENCIÓN

Edge: 
======
Edge Profile: C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-06]
Edge Extension: (Cisco Webex Extension) - C:\Users\guill\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2021-01-06]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default [2021-01-06]
CHR Notifications: Default -> hxxps://forospyware.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/?gfe_rd=cr&ei=jUAOWJmjJpSDxgT8mYFg&gws_rd=ssl","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Traductor de Google) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-01-06]
CHR Extension: (Presentaciones) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-06]
CHR Extension: (Documentos) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-06]
CHR Extension: (Google Drive) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-06]
CHR Extension: (Dimensions) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\baocaagndhipibgklemoalmkljaimfdj [2021-01-06]
CHR Extension: (MEGA) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-01-06]
CHR Extension: (YouTube) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-06]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-06]
CHR Extension: (Dropbox para Gmail) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-01-06]
CHR Extension: (Hojas de cálculo) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-06]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-06]
CHR Extension: (Download Link Generator for Drive™) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilhlicblaojlghndblbncdehbakkebim [2021-01-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-06]
CHR Extension: (Free HTML Editor for Gmail by cloudHQ) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioinaaeeacahcmbgfmeaaofhfkijpdeb [2021-01-06]
CHR Extension: (Hangouts de Google) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-01-06]
CHR Extension: (Botón de Google Académico) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2021-01-06]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2021-01-06]
CHR Extension: (SelectorGadget) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb [2021-01-06]
CHR Extension: (Google Mail Checker) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2021-01-06]
CHR Extension: (MeddleMonkey) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihledlmchhofenpacbhphnbnpakgmo [2021-01-06]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-06]
CHR Extension: (Vimeo repeat & speed) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\noonakfaafcdaagngpjehilgegefdima [2021-01-06]
CHR Extension: (Outlook.com) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2021-01-06]
CHR Extension: (Gmail) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\guill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-08-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-12-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\Windows\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2020-12-17] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1295000 2020-07-28] (McAfee, LLC -> McAfee, LLC)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [628920 2019-09-06] (CyberLink Corp. -> CyberLink)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16832 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469472 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216984 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326064 2020-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2020-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [428256 2020-09-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-01-06 03:36 - 2021-01-06 03:36 - 000031582 _____ C:\Users\guill\Downloads\FRST.txt
2021-01-06 03:35 - 2021-01-06 03:36 - 000000000 ____D C:\FRST
2021-01-06 03:35 - 2021-01-06 03:35 - 002282496 _____ (Farbar) C:\Users\guill\Downloads\FRST64.exe
2021-01-06 03:09 - 2021-01-06 03:09 - 000003313 _____ C:\Users\guill\Documents\ZHPCleaner.txt
2021-01-06 02:55 - 2021-01-06 02:55 - 000003005 _____ C:\Users\guill\Desktop\ZHPCleaner (S).txt
2021-01-06 02:40 - 2021-01-06 02:40 - 000009587 _____ C:\Users\guill\Documents\Spybot Scan Results.210106-0240.txt
2021-01-06 02:18 - 2021-01-06 02:18 - 000001552 _____ C:\Users\guill\Documents\Malwarebytes.txt
2021-01-05 20:24 - 2021-01-05 20:24 - 000000607 _____ C:\Users\guill\Desktop\tema.txt
2021-01-05 19:42 - 2021-01-06 03:12 - 000010101 _____ C:\Users\guill\Desktop\ZHPCleaner (R).html
2021-01-05 19:42 - 2021-01-06 03:12 - 000003414 _____ C:\Users\guill\Desktop\ZHPCleaner (R).txt
2021-01-05 19:37 - 2021-01-06 02:55 - 000009523 _____ C:\Users\guill\Desktop\ZHPCleaner (S).html
2021-01-05 19:37 - 2021-01-05 19:55 - 000003579 _____ C:\Users\Public\Desktop\ZHPCleaner (S).txt
2021-01-05 19:30 - 2021-01-06 03:12 - 000000000 ____D C:\Users\guill\AppData\Roaming\ZHP
2021-01-05 19:30 - 2021-01-05 19:49 - 000000886 _____ C:\Users\guill\Desktop\ZHPCleaner.lnk
2021-01-05 19:30 - 2021-01-05 19:30 - 000000000 ____D C:\Users\guill\AppData\Local\ZHP
2021-01-05 19:21 - 2021-01-05 19:21 - 003340936 _____ (Nicolas Coolman) C:\Users\guill\Downloads\ZHPCleaner.exe
2021-01-05 05:03 - 2021-01-05 05:03 - 000003800 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-01-05 05:03 - 2021-01-05 05:03 - 000003358 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-01-05 04:53 - 2021-01-05 04:53 - 000000789 _____ C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-01-05 04:53 - 2021-01-05 04:53 - 000000661 _____ C:\Users\guill\Desktop\ESET Online Scanner.lnk
2021-01-05 04:53 - 2021-01-05 04:53 - 000000000 ____D C:\Users\guill\AppData\Local\ESET
2021-01-05 04:50 - 2021-01-05 04:51 - 015012440 _____ (ESET spol. s r.o.) C:\Users\guill\Downloads\esetonlinescanner.exe
2021-01-05 04:14 - 2021-01-05 04:14 - 000000545 _____ C:\Windows\wininit.ini
2021-01-05 03:29 - 2021-01-06 03:20 - 000000000 ____D C:\Windows\system32\Tasks\PowerToys
2021-01-05 03:29 - 2021-01-05 03:29 - 000002690 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview).lnk
2021-01-05 03:29 - 2021-01-05 03:29 - 000000000 ____D C:\Program Files\PowerToys
2021-01-05 03:25 - 2021-01-05 03:27 - 000000000 ____D C:\AdwCleaner
2021-01-05 03:25 - 2021-01-05 03:25 - 008447152 _____ (Malwarebytes) C:\Users\guill\Downloads\adwcleaner_8.0.8.exe
2021-01-05 03:20 - 2021-01-05 03:20 - 000000000 ____D C:\Windows\ABR
2021-01-05 03:20 - 2021-01-05 03:20 - 000000000 ____D C:\Users\guill\Downloads\Backups
2021-01-05 03:16 - 2021-01-05 03:16 - 006875040 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\guill\Downloads\HiJackThis.exe
2021-01-05 03:12 - 2020-08-12 00:18 - 000000893 _____ C:\Windows\system32\Drivers\etc\hosts.20210105-031246.backup
2021-01-05 03:07 - 2021-01-06 03:20 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-01-05 03:07 - 2021-01-05 04:14 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-01-05 03:07 - 2021-01-05 03:07 - 000001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2021-01-05 03:07 - 2021-01-05 03:07 - 000001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2021-01-05 03:07 - 2021-01-05 03:07 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2021-01-05 03:07 - 2021-01-05 03:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2021-01-05 03:07 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2021-01-05 03:06 - 2021-01-05 03:06 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\guill\Downloads\spybotsd-2.7.64.0.exe
2020-12-30 17:35 - 2020-12-30 17:35 - 003222517 _____ C:\Users\guill\Downloads\fwdaperturadeexpedienten8482020semanadelacienc.zip
2020-12-30 00:46 - 2020-05-21 21:05 - 000052688 _____ (Lenovo Group Ltd.) C:\Windows\system32\Drivers\FBNetFlt.sys
2020-12-27 11:11 - 2020-12-27 11:11 - 000036397 _____ C:\Users\guill\Downloads\20329690270_011_00003_00000048.pdf
2020-12-23 15:03 - 2020-12-23 15:03 - 000383451 _____ C:\Users\guill\Downloads\Pasión por la Lectura.xlsx
2020-12-23 14:49 - 2020-12-23 14:49 - 002102921 _____ C:\Users\guill\Desktop\Modelo de Estimación Poblacional con Visión Computariza en Barrios Populares de PBA - Informe Técnico y de Resultados (1) (1).pdf
2020-12-22 14:45 - 2020-12-22 14:45 - 000282710 _____ C:\Users\guill\Downloads\el_arte_de_ser_feliz.pdf
2020-12-22 14:04 - 2020-12-22 14:04 - 000489626 _____ C:\Users\guill\Desktop\la-socieadad-del-cansancio.pdf
2020-12-21 16:19 - 2020-12-21 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-21 11:07 - 2020-12-21 11:07 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2020-12-21 11:07 - 2020-12-21 11:07 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2020-12-21 11:07 - 2020-12-21 11:07 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2020-12-21 11:07 - 2020-12-21 11:07 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2020-12-21 04:08 - 2020-12-21 04:09 - 000000000 ____D C:\Users\guill\Desktop\Bioquimica
2020-12-21 00:11 - 2021-01-01 04:00 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-12-21 00:10 - 2020-12-21 00:10 - 000340576 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-12-21 00:10 - 2020-12-21 00:10 - 000216984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-12-18 18:00 - 2020-12-18 18:00 - 000000000 ____D C:\Users\guill\Downloads\Scott Card_ Orson y_ Johnston_ Aaron
2020-12-18 17:59 - 2020-12-18 17:59 - 000485926 _____ C:\Users\guill\Downloads\(Segunda Guerra Formica 01) El Enjambre by Orson Scott Card, Aaron Johnston (z-lib.org).epub
2020-12-17 17:58 - 2020-12-17 17:58 - 000035741 _____ C:\Users\guill\Downloads\20329690270_011_00003_00000047.pdf
2020-12-17 11:42 - 2020-12-17 11:42 - 000006470 _____ C:\Users\guill\Downloads\E12517-Examen escrito Teoría de la organización y la organización industrial-calificaciones.xlsx
2020-12-17 11:41 - 2020-12-17 11:41 - 000007231 _____ C:\Users\guill\Downloads\E12517-Examen escrito Teoría de la organización y la organización industrial-calificaciones.csv
2020-12-17 03:06 - 2020-12-17 03:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-12-17 03:05 - 2020-12-17 03:05 - 000000000 ____D C:\Program Files\Logitech
2020-12-15 12:47 - 2020-12-28 02:57 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-12-15 04:12 - 2020-12-18 19:14 - 000013183 _____ C:\Users\guill\Downloads\metadata_db_prefs_backup.json
2020-12-15 04:01 - 2020-12-15 04:01 - 000000000 ____D C:\Users\guill\Downloads\Charles Dickens
2020-12-15 03:56 - 2020-12-15 03:56 - 000000000 ____D C:\Users\guill\Downloads\Orson Scott Card
2020-12-15 03:56 - 2020-12-15 03:56 - 000000000 ____D C:\Users\guill\AppData\Local\calibre-parallel
2020-12-15 03:53 - 2020-12-18 18:00 - 000413696 _____ C:\Users\guill\Downloads\metadata.db
2020-12-15 03:52 - 2020-12-15 03:52 - 000437203 _____ C:\Users\guill\Downloads\Ender en el exilio by Card Orson Scott (z-lib.org).epub
2020-12-15 03:48 - 2020-12-15 03:48 - 000638558 _____ C:\Users\guill\Downloads\La sombra de Ender by Card Orson Scott (z-lib.org).epub
2020-12-15 02:52 - 2020-12-15 02:52 - 001428706 _____ C:\Users\guill\Downloads\bioqui finalr.pdf
2020-12-14 16:59 - 2020-12-14 16:59 - 000008382 _____ C:\Users\guill\Downloads\ComprobantePagoRealizado.pdf
2020-12-14 13:51 - 2020-12-14 13:51 - 000000000 ____D C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-12-14 01:25 - 2020-12-14 01:25 - 029518536 _____ (TeamViewer Germany GmbH) C:\Users\guill\Downloads\TeamViewer_Setup.exe
2020-12-14 00:42 - 2020-12-14 00:42 - 030536752 _____ (Piriform Software Ltd) C:\Users\guill\Downloads\ccsetup575.exe
2020-12-14 00:41 - 2020-12-14 00:41 - 000034768 _____ C:\Users\guill\Documents\cc_20201214_004103.reg
2020-12-13 20:34 - 2020-12-13 20:34 - 000036368 _____ C:\Users\guill\Downloads\20329690270_011_00003_00000046.pdf
2020-12-13 14:25 - 2020-12-13 14:25 - 000002638 _____ C:\Users\guill\Desktop\malwamalre.txt
2020-12-13 05:35 - 2020-12-13 05:35 - 032902926 _____ C:\Users\guill\Downloads\Bioquimica 3° Parcial.pdf
2020-12-13 05:33 - 2020-12-13 05:34 - 014764311 _____ C:\Users\guill\Downloads\Bioquimica 2° Parcial.pdf
2020-12-13 05:32 - 2020-12-13 05:32 - 021973187 _____ C:\Users\guill\Downloads\Bioquimica 1° Parcial.pdf
2020-12-13 05:24 - 2020-12-13 05:25 - 009083776 _____ C:\Users\guill\Downloads\Bioquimica Emma.pdf
2020-12-12 16:09 - 2021-01-05 04:37 - 000000220 _____ C:\Users\guill\Desktop\buscador.txt
2020-12-12 15:36 - 2020-12-12 15:36 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-12 15:36 - 2020-12-12 15:36 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-12 15:36 - 2020-12-12 15:36 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-12-12 15:36 - 2020-12-12 15:36 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-12-12 15:36 - 2020-12-12 15:36 - 000002004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-12 15:36 - 2020-12-12 15:36 - 000001992 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-12 15:36 - 2020-12-12 15:36 - 000000000 ____D C:\Users\guill\AppData\Local\mbam
2020-12-12 15:36 - 2020-12-12 15:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-12 15:35 - 2020-12-12 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-12 15:33 - 2020-12-12 15:33 - 002086424 _____ (Malwarebytes) C:\Users\guill\Downloads\MBSetup.exe
2020-12-12 13:57 - 2020-12-12 13:57 - 000346048 _____ C:\Users\guill\Downloads\examen final 14-12-2020 grupos vínculos 11 h.pdf
2020-12-12 13:57 - 2020-12-12 13:57 - 000272222 _____ C:\Users\guill\Downloads\examen final 14-12-2020 detalle vínculos 11 h.pdf
2020-12-12 13:47 - 2020-12-21 09:35 - 000002238 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-12-12 13:47 - 2020-12-12 13:47 - 000000000 ___HD C:\$AV_ASW
2020-12-12 00:25 - 2020-12-21 09:35 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-12 00:25 - 2020-12-21 09:35 - 000003484 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-12 00:25 - 2020-12-21 09:35 - 000003284 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-12 00:25 - 2020-12-21 09:35 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-11 20:41 - 2020-12-11 20:41 - 006774298 _____ C:\Users\guill\Downloads\fwdlineasdetrabajoydems.zip
2020-12-11 16:36 - 2020-12-11 16:37 - 103551027 _____ C:\Users\guill\Downloads\Bioquímica resúmenes-20201211T193600Z-001.zip
2020-12-11 04:38 - 2020-12-11 05:17 - 000011453 _____ C:\Users\guill\Downloads\courseid_2555_participants (3).xlsx
2020-12-11 04:38 - 2020-12-11 04:43 - 000010923 _____ C:\Users\guill\Downloads\courseid_2555_participants (2).xlsx
2020-12-11 04:37 - 2020-12-11 04:43 - 000011299 _____ C:\Users\guill\Downloads\courseid_2555_participants (1).xlsx
2020-12-11 04:35 - 2020-12-11 04:35 - 000008370 _____ C:\Users\guill\Downloads\courseid_2555_participants.xlsx
2020-12-10 15:27 - 2020-12-10 15:28 - 000004122 _____ C:\Users\guill\Downloads\transferencia.pdf
2020-12-10 00:07 - 2020-12-10 00:07 - 002045952 _____ C:\Windows\system32\rdpnano.dll
2020-12-10 00:07 - 2020-12-10 00:07 - 001756600 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-12-10 00:07 - 2020-12-10 00:07 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-12-10 00:07 - 2020-12-10 00:07 - 000171008 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2020-12-10 00:07 - 2020-12-10 00:07 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ncpa.cpl
2020-12-10 00:07 - 2020-12-10 00:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncpa.cpl
2020-12-10 00:07 - 2020-12-10 00:07 - 000059392 _____ C:\Windows\system32\runexehelper.exe
2020-12-10 00:07 - 2020-12-10 00:07 - 000001370 _____ C:\Windows\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 00:07 - 2020-12-10 00:07 - 000000357 _____ C:\Windows\system32\DrtmAuth14.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000357 _____ C:\Windows\system32\DrtmAuth13.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth18.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth17.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth16.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth15.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-12-10 00:07 - 2020-12-10 00:07 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-12-09 20:07 - 2020-12-09 20:07 - 000000401 _____ C:\Users\guill\Downloads\nora 9-12.txt
2020-12-09 17:37 - 2020-12-09 17:37 - 001910484 _____ C:\Users\guill\Downloads\EPH_usu_2_Trim_2020_txt.zip

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-01-06 03:26 - 2019-12-28 18:08 - 000786866 _____ C:\Windows\system32\perfh00A.dat
2021-01-06 03:26 - 2019-12-28 18:08 - 000153756 _____ C:\Windows\system32\perfc00A.dat
2021-01-06 03:26 - 2019-12-28 09:24 - 001768630 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-06 03:26 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2021-01-06 03:22 - 2020-08-12 22:37 - 000000000 ____D C:\Program Files\CCleaner
2021-01-06 03:21 - 2020-09-06 02:46 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-06 03:21 - 2020-08-08 03:23 - 000000000 ____D C:\Users\guill\AppData\Local\CrashDumps
2021-01-06 03:21 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-06 03:20 - 2020-10-15 02:06 - 000000000 ____D C:\Users\guill\AppData\Roaming\ColorPicker
2021-01-06 03:20 - 2020-09-18 14:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-06 03:20 - 2019-12-28 09:23 - 000019781 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-01-06 03:20 - 2019-12-28 09:23 - 000017712 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-01-06 03:20 - 2019-12-28 09:23 - 000014558 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-01-06 03:20 - 2019-12-28 09:23 - 000000134 _____ C:\Windows\system32\regtest.txt
2021-01-06 03:20 - 2019-10-17 01:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-06 03:20 - 2019-03-19 01:37 - 001048576 _____ C:\Windows\system32\config\BBI
2021-01-06 03:05 - 2019-10-17 01:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-01-05 20:09 - 2020-08-08 00:25 - 000001205 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2021-01-05 19:55 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2021-01-05 04:28 - 2020-11-10 20:06 - 000000000 ____D C:\Users\guill\AppData\Local\ElevatedDiagnostics
2021-01-05 03:12 - 2020-09-12 02:29 - 000000000 ____D C:\Users\Administrador
2021-01-02 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-12-30 00:46 - 2020-08-07 17:16 - 000000000 ____D C:\Windows\TempInst
2020-12-28 02:54 - 2019-12-28 09:15 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-27 12:30 - 2020-08-09 01:33 - 000000000 ____D C:\Users\guill\AppData\Roaming\WhatsApp
2020-12-27 12:30 - 2020-08-07 20:58 - 000000000 ____D C:\Users\guill\AppData\Roaming\RStudio
2020-12-27 12:30 - 2020-08-07 20:58 - 000000000 ____D C:\Users\guill\AppData\Local\RStudio-Desktop
2020-12-25 20:54 - 2020-09-22 03:22 - 000000000 ____D C:\Users\guill\Downloads\0 - UNPAZ - UNAJ
2020-12-25 20:53 - 2020-08-07 17:04 - 000000000 ____D C:\Users\guill\AppData\Local\Packages
2020-12-21 16:19 - 2020-08-07 17:15 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-21 09:35 - 2020-12-02 12:33 - 000002560 _____ C:\Windows\system32\Tasks\InstallShield® Setup Engine Kernel
2020-12-21 09:35 - 2020-11-22 20:18 - 000002920 _____ C:\Windows\system32\Tasks\Optimize Thumbnail Cache
2020-12-21 09:35 - 2020-09-06 02:47 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-12-21 09:10 - 2020-08-09 00:53 - 000000000 ____D C:\Users\guill\Documents\Zoom
2020-12-21 00:10 - 2020-10-15 19:24 - 000176384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000851256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000522480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000469472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000332880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000326064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000247888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000208672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000108928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000097360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000084496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000042424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000036792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-12-21 00:10 - 2020-09-06 02:47 - 000016832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-12-21 00:10 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-12-19 16:23 - 2020-08-09 16:51 - 000002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-17 03:05 - 2020-09-14 12:44 - 000000000 ____D C:\Users\guill\AppData\Local\Deployment
2020-12-16 15:45 - 2020-08-09 01:33 - 000000000 ____D C:\Users\guill\AppData\Local\WhatsApp
2020-12-16 15:45 - 2020-08-09 01:33 - 000000000 ____D C:\Users\guill\AppData\Local\SquirrelTemp
2020-12-15 03:59 - 2020-11-28 03:36 - 000000000 ____D C:\Users\guill\AppData\Roaming\calibre
2020-12-15 03:57 - 2020-11-28 03:38 - 000000000 ____D C:\Users\guill\AppData\Local\calibre-cache
2020-12-14 13:51 - 2020-08-09 00:51 - 000000000 ____D C:\Users\guill\AppData\Roaming\Zoom
2020-12-14 00:43 - 2020-08-07 17:21 - 000000000 ____D C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2020-12-13 22:04 - 2020-08-09 17:17 - 000000000 ____D C:\Users\guill\Downloads\6 - Software
2020-12-13 20:34 - 2020-09-01 16:55 - 000000000 ____D C:\Users\guill\Downloads\4 - Nora
2020-12-13 17:46 - 2020-11-27 11:44 - 000000000 ____D C:\Users\guill\Downloads\Bioquimica
2020-12-13 14:26 - 2020-08-07 17:04 - 000011268 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-12-13 14:20 - 2020-08-07 17:17 - 000000000 ___RD C:\Users\guill\Dropbox
2020-12-12 00:31 - 2020-08-07 17:10 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-12 00:23 - 2020-08-07 17:04 - 000000000 ___RD C:\Users\guill\3D Objects
2020-12-12 00:23 - 2019-10-17 01:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-12 00:23 - 2019-10-17 01:06 - 000441496 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-12 00:22 - 2020-09-28 04:39 - 000124511 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\oobe
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\es-MX
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-12 00:22 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-11 21:27 - 2020-08-07 18:27 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 17:12 - 2020-10-28 01:57 - 000000000 ____D C:\Users\guill\AppData\Roaming\vlc
2020-12-10 00:09 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-12-09 17:39 - 2020-08-07 20:58 - 000000000 ____D C:\Users\guill\AppData\Local\RStudio
2020-12-09 17:29 - 2020-08-07 20:59 - 000000000 _____ C:\Users\guill\Documents\.Rhistory
2020-12-07 17:32 - 2020-08-26 04:54 - 000000000 ____D C:\Users\guill\Downloads\3 - Farmacologia

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Guillef · 6 Enero, 2021 06:56

Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-01-2021
Ejecutado por guill (06-01-2021 03:37:20)
Ejecutado desde C:\Users\guill\Downloads
Windows 10 Home Versión 1909 18363.1256 (X64) (2020-08-08 02:26:15)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-4202004038-1327707918-1336093133-500 - Administrator - Disabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-4202004038-1327707918-1336093133-503 - Limited - Disabled)
guill (S-1-5-21-4202004038-1327707918-1336093133-1001 - Administrator - Enabled) => C:\Users\guill
Invitado (S-1-5-21-4202004038-1327707918-1336093133-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4202004038-1327707918-1336093133-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: VirusScan de McAfee  (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Amazon Redshift ODBC Driver 64-bit (HKLM\...\{788C401A-726B-4CE7-8BC2-89FD7967A6ED}) (Version: 1.3.7.1000 - Amazon Corporate LLC)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version:  - Boris FX, Inc.)
calibre 64bit (HKLM\...\{F67BD1CB-5D5E-4164-A821-B7D040027E3B}) (Version: 5.6.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cisco Webex Meetings (HKLM-x32\...\{E6DA38F7-BA12-F157-2773-835D3D043C6A}) (Version: 40.9.6.11 - Cisco Webex LLC)
CyberLink PowerDirector 18 (HKLM-x32\...\{5C6A88EF-7090-4B7A-A7C2-7AC51C27D2B5}) (Version: 18.0.2725.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 113.3.427 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.379.1 - Dropbox, Inc.) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.56.5320 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 2.1.2.32 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.36.86 - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{5F9345E2-76B2-4639-AD3B-DB2ABC716930}) (Version: 17.1.0.1 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.6 (x64) (HKLM-x32\...\{7bc97a3a-1c5c-4743-bba3-f20f8eb448b8}) (Version: 3.1.6.29016 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
Nitro Pro (HKLM\...\{9EB12901-D9A4-41DF-9950-CABFFBF16F79}) (Version: 13.19.2.356 - Nitro)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de gráficos 442.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenVPN 2.4.9-I601-Win10  (HKLM\...\OpenVPN) (Version: 2.4.9-I601-Win10 - OpenVPN Technologies, Inc.)
PowerToys (Preview) (HKLM\...\{06FB95EE-F4F6-4F61-9BDA-2D94BEFB46D3}) (Version: 0.29.3 - Microsoft Corporation)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group)
R for Windows 4.0.2 (HKLM\...\R for Windows 4.0.2_is1) (Version: 4.0.2 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 1.3.1056 - RStudio)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Tableau Public 2020.3 (20203.20.0918.1727) (HKLM\...\{DC6D79B4-4135-4EB6-80BB-36BF2C79FE6C}) (Version: 20.3.29466 - Tableau Software) Hidden
Tableau Public 2020.3 (20203.20.0918.1727) (HKLM-x32\...\{31e05f41-75d7-4498-805b-609e56296194}) (Version: 20.3.29466 - Tableau Software)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
uTorrent Web (HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\utweb) (Version: 1.1.1 - BitTorrent, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebAdvisor de McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.177 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\WhatsApp) (Version: 2.2049.10 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)

Packages:
=========
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-15] (INTEL CORP) [Startup Task]
Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-14] (Microsoft Corporation)
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20500.501.0_x64__rz1tebttyb220 [2019-12-28] (Dolby Laboratories)
Extensión de video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-08-07] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-09-26] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-09-30] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
Minesweeper Simple -> C:\Program Files\WindowsApps\56316PuzzleGamesKing.MinesweeperSimple_1.2.0.0_x64__4w41vhw6sm4b8 [2020-10-31] (Puzzle Games King) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-07] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-08-07] (NVIDIA Corp.)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.10.0_neutral__egxr34yet59cg [2020-10-26] (Paddy Xu) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-08-09] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-16] (Spotify AB) [Startup Task]
Tu Teléfono -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe [2020-11-14] (Microsoft Corporation)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001_Classes\CLSID\{344B86FB-E5B3-4318-BD31-0BAFACBBE12D} -> [Proyectos R] => C:\Users\guill\Documents\Proyectos R [2020-08-08 03:12]
CustomCLSID: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001_Classes\CLSID\{C7CE7CE9-3967-49FB-9FFD-724C8C9C8073} -> [Mega] => C:\Users\guill\Documents\Mega [2020-08-08 03:11]
CustomCLSID: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\guill\Dropbox [2020-08-07 17:17]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2020-05-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerRenameExt.dll [2020-12-31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guill\AppData\Local\MEGAsync\ShellExtX64.dll [2020-11-20] (Mega Limited -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-09-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_c8af195ee1543133\nvshext.dll [2020-06-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\system32\prodad-codec.dll [607256 2019-09-06] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\guill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\guill\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c608ac704b9af68b\Free HTML Editor for Gmail by cloudHQ.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ioinaaeeacahcmbgfmeaaofhfkijpdeb

==================== Módulos cargados (Lista blanca) =============

2020-09-15 23:31 - 2020-09-15 23:31 - 000355840 _____ () [Archivo no firmado] C:\Program Files\PowerToys\modules\launcher\Mono.Cecil.dll
2020-10-26 22:26 - 2020-10-26 22:27 - 000163840 _____ () [Archivo no firmado] C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.10.0_neutral__egxr34yet59cg\Package\QuickLook.Native64.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [Archivo no firmado] C:\Program Files\Common Files\Dolby\DAX3\RADARHOST\EasyHook64.dll
2020-12-31 17:07 - 2020-12-31 17:07 - 000006144 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files\PowerToys\modules\launcher\ManagedTelemetry.dll
2019-12-28 09:15 - 2019-12-28 09:15 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2019-12-28 09:15 - 2019-12-28 09:15 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2020-08-22 10:31 - 2020-08-22 10:31 - 000817152 _____ (NLog) [Archivo no firmado] C:\Program Files\PowerToys\modules\launcher\NLog.dll
2020-08-27 20:03 - 2020-08-27 20:03 - 000046080 _____ (NLog) [Archivo no firmado] C:\Program Files\PowerToys\modules\launcher\NLog.Extensions.Logging.dll
2020-08-09 18:02 - 2020-07-09 02:36 - 000944840 _____ (SQLite Development Team) [Archivo no firmado] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-10-12 22:38 - 2020-10-12 22:38 - 000052224 _____ (Tatham Oddie & friends) [Archivo no firmado] C:\Program Files\PowerToys\modules\launcher\System.IO.Abstractions.dll
2020-04-28 00:05 - 2020-04-28 00:05 - 006164600 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Archivo no firmado] C:\Users\guill\AppData\Local\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001 -> DefaultScope {D8F6AAF6-53E5-493F-AB29-144E391E0E93} URL = 
SearchScopes: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001 -> {D8F6AAF6-53E5-493F-AB29-144E391E0E93} URL = 
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-12-17] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-12-17] (McAfee, LLC -> McAfee, LLC)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-13] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Hay 7940 más sitios.

IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\123simsen.com -> www.123simsen.com

Hay 7940 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2020-08-12 00:18 - 2021-01-05 03:20 - 000000828 ____N C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 200.42.4.210 - 200.49.130.52
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WebexService => 3
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4202004038-1327707918-1336093133-1001\...\StartupApproved\Run: => "utweb"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{A89D4644-550B-40CF-8317-B06FBD6450B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A4A7A11-D3A7-4770-B289-FE1C53F6725C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4291423-6471-4842-A3F6-CB7F337FF53A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8966A6CB-9299-4A44-A164-86A4E47A2D42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{923D2E71-EDC1-41B3-A882-5302D49E60CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C631E8CA-4C7B-4879-8E07-4693939E6A31}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38C164B8-8452-4450-B512-55C55853BDD8}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{07332E31-812B-483F-9817-8898A6F6E936}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{1AC8D9E0-84E8-4308-831F-A4C0FBA3E3E7}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{8C8B33D4-25B5-4AEA-B64D-CCA7220A0680}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{620BD57E-E13C-4700-A30C-1971169638B7}] => (Allow) C:\Users\guill\AppData\Roaming\Zoom\bin\Zoom.exe => Ningún archivo
FirewallRules: [{039ABFD8-66E6-4C53-B2EB-0F1493FE9D7D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E8B8D58-B783-4B05-BEBE-3CD0302905BA}] => (Allow) LPort=2869
FirewallRules: [{1645F3FF-13A6-4B93-92D8-A1250486E749}] => (Allow) LPort=1900
FirewallRules: [{053FAE3F-024A-42AD-8D26-E7C68BA451BD}] => (Allow) C:\Users\guill\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [{357A4834-CDD4-40D6-A0EF-AA16BA8F6A5C}] => (Allow) C:\Users\guill\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{CD9B6F1C-C6CA-46A3-9399-88A801AE9323}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Archivo no firmado]
FirewallRules: [UDP Query User{5906C14E-E24C-4629-821E-BBB9F05989D7}C:\program files\rstudio\bin\rsession.exe] => (Allow) C:\program files\rstudio\bin\rsession.exe (RStudio, PBC) [Archivo no firmado]
FirewallRules: [{AAC7D370-87A2-49F5-84C4-0335996BFFDE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D52163AE-A769-4FA1-8EBE-4D0AFBC27670}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{DA1A6332-0D75-4830-8D4C-2CB420BD53D0}] => (Allow) C:\Users\guill\AppData\Roaming\Zoom\bin\Zoom.exe => Ningún archivo
FirewallRules: [{38269C2A-AD29-4D72-B0CD-126BEA230E5F}] => (Allow) C:\Users\guill\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [{6EFC6C98-8328-4FC7-9333-E3A19262A62B}] => (Allow) C:\Users\guill\AppData\Roaming\Zoom\bin\airhost.exe => Ningún archivo
FirewallRules: [TCP Query User{82DB35D1-790E-422E-B458-949859ADF367}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{75BEC3CD-2F82-478C-A4C4-8C30F85F362B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D35F6CEA-1029-42AF-AE68-4FC3D8AADE3B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8F785439-5F42-44FD-B58A-A889A94F5B5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70782D27-FCD7-4DBE-962B-E2A4AE76F23B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{673B92E1-43EF-4205-AC1C-0127F25CA536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C17EA345-6A77-4689-B80C-D7BAD41BD86B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65B10431-4C36-4B65-A62C-A25F861775FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5A3EE9CA-B40E-48CC-A42A-DA1148CA29A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3358A516-43B2-43F4-85D0-5C8C162FB344}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5491990-5437-43A0-B72A-E37216445968}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{021F94C0-D872-4B7E-BEE8-E93675BC91C9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EBE92FC0-96E2-4113-A72A-280339F045D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8E7D8A31-AF9A-4AF1-B791-931729FDD0F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53FABC97-0606-4009-B5B7-67ABAA00D845}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{108113E1-33A8-4182-A549-3821C81978C5}] => (Allow) LPort=1688
FirewallRules: [{8754A26D-D659-4E2B-92FE-495927FD8D1B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{181F525E-F4A4-4170-A22E-E35CF54A2E59}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{23D736DD-0F7F-46EE-A880-C0DE777713A1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1C99A169-EFB3-4EA3-A626-1A6CAE948DF8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{44421663-98A2-4E02-B33D-6D5AB83E8387}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EA63452D-408F-4627-B19A-A47F7D1D4F4C}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{ACBEDF8A-2136-4A35-95DC-21D8F00A5A41}C:\users\guill\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\guill\appdata\roaming\zoom\bin_00\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{BF417CC3-A016-4298-B4CE-B152D062E5E0}C:\users\guill\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\guill\appdata\roaming\zoom\bin_00\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6A150EEB-AA0E-44E4-93A9-1F24DBD5390E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Puntos de Restauración =========================

06-01-2021 03:11:38 ZHPcleaner

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (01/06/2021 03:38:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:24:06Z. Código de error: 0x80070002.

Error: (01/06/2021 03:37:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:23:36Z. Código de error: 0x80070002.

Error: (01/06/2021 03:37:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:24:06Z. Código de error: 0x80070002.

Error: (01/06/2021 03:36:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:23:36Z. Código de error: 0x80070002.

Error: (01/06/2021 03:36:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:24:06Z. Código de error: 0x80070002.

Error: (01/06/2021 03:35:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:23:36Z. Código de error: 0x80070002.

Error: (01/06/2021 03:35:06 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:24:06Z. Código de error: 0x80070002.

Error: (01/06/2021 03:34:36 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: No se pudo programar el servicio de protección de software para reiniciarse a las 2021-01-11T03:23:36Z. Código de error: 0x80070002.


Errores del sistema:
=============
Error: (01/06/2021 03:21:45 AM) (Source: DCOM) (EventID: 10010) (User: GUILLERMO-NTB)
Description: El servidor Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/06/2021 03:20:43 AM) (Source: DCOM) (EventID: 10010) (User: GUILLERMO-NTB)
Description: El servidor Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/06/2021 03:20:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.

Error: (01/06/2021 03:20:36 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.

Error: (01/05/2021 08:39:30 PM) (Source: DCOM) (EventID: 10010) (User: GUILLERMO-NTB)
Description: El servidor Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/05/2021 08:10:36 PM) (Source: DCOM) (EventID: 10010) (User: GUILLERMO-NTB)
Description: El servidor Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/05/2021 08:09:36 PM) (Source: DCOM) (EventID: 10010) (User: GUILLERMO-NTB)
Description: El servidor Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca no se registró con DCOM dentro del tiempo de espera requerido.

Error: (01/05/2021 08:09:33 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.


Windows Defender:
===================================
Date: 2020-08-07 17:07:48.663
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar la inteligencia de seguridad e intentará revertir a una versión que sepa que es correcta.
Inteligencia de seguridad intentada: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de inteligencia de seguridad: 0.0.0.0;0.0.0.0
Versión del motor: 0.0.0.0

CodeIntegrity:
===================================

Date: 2021-01-06 03:36:41.654
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.633
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.289
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.175
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.174
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.157
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.154
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-06 03:36:11.141
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO BHCN35WW 11/23/2019
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i7-9750HF CPU @ 2.60GHz
Porcentaje de memoria en uso: 37%
RAM física total: 16304.24 MB
RAM física disponible: 10218.46 MB
Virtual total: 29104.24 MB
Virtual disponible: 21027.99 MB

==================== Unidades ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:284.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:906.15 GB) NTFS

\\?\Volume{061c24e6-73b8-4ea1-abb4-070e005f3781}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{215455ed-fdd0-4fe6-bf02-67fd62cb67d1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: B1494100)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 348B8EB9)

Partition: GPT.

==================== Final de Addition.txt =======================