Request for help cleaning a computer

Hi friends. One of my little ones has wreaked havoc on the machine and the situation has become untenable. My most recent attempt was to install MalwareBytes, but I can't run it.

Reading the forum, I got as far ahead as I could, so I'm leaving the FRST logs

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-03-2020
Ejecutado por Usuario (administrador) sobre DELL-VOSTRO (Dell Inc. Vostro 270) (12-03-2020 01:47:47)
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario (Perfiles disponibles: Usuario & Nico)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Cisco WebEx LLC -> Cisco WebEx LLC) C:\Program Files (x86)\Webex\Webex\Applications\PTIM.exe
(Cisco WebEx LLC -> Cisco WebEx LLC) C:\Program Files (x86)\Webex\Webex\Applications\ptSrv.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hi-Rez Studios) [Archivo no firmado] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Malwarebytes Inc -> Malwarebytes) [Archivo no firmado] C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe
(Qualcomm Atheros -> Atheros) [Archivo no firmado] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PTIM.exe] => C:\Program Files (x86)\Webex\Webex\Applications\PTIM.exe [980536 2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
HKLM\ DisallowedCertificates: 0A0CF21F2AD2796FCC1309F2993659FC9F4BBFB9 (U)
HKLM\ DisallowedCertificates: 1518752920E9221E1FE1728AACAC536728B37BA7 (Trend Micro) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 1B581436B0ED7536755B8B1C81112509A5AAF6ED (Panda Security S.L) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 328E73F58737F1AB8DB0DA98FECFA17EB7BFAA40 (U)
HKLM\ DisallowedCertificates: 3C92C9274AB6D3DD520B13029A2490C4A1D98BC0 (Kaspersky Lab) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 4E393AA1586C93E0BC9E7FEBCF7BFB62066DC22A (U)
HKLM\ DisallowedCertificates: 4E564B9FBCE8F496FFF51278CCD14EE17F09A1CE (U)
HKLM\ DisallowedCertificates: 58939B78BC28EF464220127BB754E3D130306988 (U)
HKLM\ DisallowedCertificates: 5AACB6A43D9D806E6963937BE702B7A43C1978AE (U)
HKLM\ DisallowedCertificates: 5DE56B2BAAA995F447949B869356528F91230A49 (U)
HKLM\ DisallowedCertificates: 7450C07722C75E711EF24209A22F0C5C6A5BEC4E (U)
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 78C55D604474B534EB2B565CAD312FC7D71FE9DE (U)
HKLM\ DisallowedCertificates: 816BE9397F66D1A26EFA04035BCA3BB9E3779740 (U)
HKLM\ DisallowedCertificates: 8887AF2636E0D3B763AC4D56729218AF89653CA4 (U)
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 8B6DD299C6E4092040E98EB773F3818DF50B038D (U)
HKLM\ DisallowedCertificates: 8DC9FE53D5F1D7D558EBE131E922730780D88865 (U)
HKLM\ DisallowedCertificates: 9A32249E9A6B9CF5C36B0749C81613524D37C594 (Safer Networking Ltd.) <==== ATENCIÓN
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATENCIÓN
HKLM\ DisallowedCertificates: AA8399A239AE1785200917D32C21F6B662477BE4 (U)
HKLM\ DisallowedCertificates: AEEA60E86C66327BFBB8492C33122687AB2B5D91 (U)
HKLM\ DisallowedCertificates: B7E607E1FB8943C634580F621788C01C962E8280 (U)
HKLM\ DisallowedCertificates: BDEEFEC5F002E281B2292A8C72EACA468CBF9952 (U)
HKLM\ DisallowedCertificates: BE894F99B870DA5FCA623F7F4A85D3970A46CDE1 (U)
HKLM\ DisallowedCertificates: BF9254919794C1075EA027889C5D304F1121C653 (Kaspersky Lab) <==== ATENCIÓN
HKLM\ DisallowedCertificates: D70D7D00CA12E1B3E20F3BF7534DEB2C2E7C2404 (U)
HKLM\ DisallowedCertificates: DBFAD9D59A6A07DCEB004DBE2DC246B547249E86 (Malwarebytes Corporation) <==== ATENCIÓN
HKLM\ DisallowedCertificates: E27AA5FFDCA62A60E435292A243D0C6D43DCC513 (U)
HKLM\ DisallowedCertificates: E4A0C1054F8025DD88EE5053094A9A61661AE123 (U)
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\QMxNetworkSync\QMxNetworkSync.exe
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize 
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\CurrentVersion\Windows: [Run] c:\Systemsolumsnformation\rungame.exe <==== ATENCIÓN
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
AppInit_DLLs: C:\ProgramData\Voyasollam\Inch-Ing.dll => Ningún archivo
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
GroupPolicyUsers\S-1-5-21-3262702676-2008184811-2743962151-1005\User: Restricción <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02D0BB4D-0E27-432D-99D5-24729F5D2E02} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E48453D-4B9B-4FC5-AB49-B4B8AB9B7010} - System32\Tasks\Tasker21 => C:\Users\Usuario\AppData\Roaming\Lib\tskschd.exe [1043968 2018-07-23] () [Archivo no firmado]
Task: {1226981B-111F-4430-8C59-3F382C1CF52A} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1519064 2020-01-14] (Dell Inc. -> Dell Inc.)
Task: {1693CBB7-D29F-4FCC-9B3C-5C0EDD167980} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
Task: {3CDB8657-87A0-4653-BE16-97771A631488} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {424C4586-CCC0-4FF1-8F62-917768FE1A7B} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Windows Updater.exe [895112 2020-02-21] (MICROLEAVES LTD -> AdvancedWindowsManager)
Task: {42613655-EDBD-48AE-BDF5-0C3B51E34B0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49252CFE-D7F9-43CE-BA5B-FE438E491689} - System32\Tasks\{CCD454BD-8E6E-41F1-908C-C5D650548A25} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Round-Com\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Round-Com\uninstall.dat" -a uninstallme 39027D82-4918-45BA-B13D-19258A374E62 DeviceId=a3d12f96-7989-421f-c5bb-d9e4e7421098 BarcodeId=51557004 ChannelId=4 DistributerName=APSFWemonetize
Task: {49DD752A-ED21-4936-9158-BC3888A623D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {59D65E5A-F24F-484E-A772-5AFD54324711} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {69252A98-2C83-4B5C-9C22-C7483D3F0454} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D8AEAAF-45E7-4A07-9309-BFC26A892F52} - System32\Tasks\MAGIX PC Check & Tuning 2019 => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2019\PCCT.exe [2467912 2018-06-01] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {708A9341-8367-4E20-8117-97CFF448CE10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {759E41D6-CB6B-4C40-BCD9-704B3A72E018} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8752A25E-CC84-4ED5-92DB-8884D095BA28} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B25197F-A42A-4FAA-94E5-AA4514BF0AA2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B145DDBE-734D-4486-8555-98DD94255523} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B60CA6CD-4B91-4A70-86CB-7CB7210C8EB5} - System32\Tasks\Autoupdate => C:\Users\Usuario\AppData\Roaming\Lib\autoupdate.exe [1043968 2018-07-23] () [Archivo no firmado]
Task: {CB38A584-9CA6-4722-A163-BD5390BBD8C6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE52C434-B381-4C56-BB6A-DA768F250B76} - System32\Tasks\Opera scheduled Autoupdate 1530899013 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe
Task: {CFB60E38-2B0D-4A40-AF8D-52A1A9B5AE22} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D72954F3-07AF-4C77-8326-75DCFA6C7721} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [22378920 2020-03-02] (GridinSoft, LLC -> Gridinsoft LLC)
Task: {F42C73D7-872F-468F-BDD1-148FCBC690A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2019.job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2019\PCCT.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0969E554-C934-457F-9954-47ED61A5F671}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{28381E95-E6C6-409E-9CDF-00816982DE9A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAbrinxIpxvf9TZMuiB-oYBQkPYRjLEzPfMvUBGzaW93p8K_QNjAEDOSQCaENauJ2XxqMLN-ok9JqWBhOEgQcke88s,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181230&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: b9v9y4lq.default-1573492938078
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 [2020-03-12]
FF Homepage: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://switch-xci.com; hxxps://www1.bethanyharrell.pro; hxxps://www.facebook.com; hxxps://linkvertise.com; hxxps://cutwin.com; hxxps://anonfile.com; hxxps://www1.sherwoodsutton.pro; hxxps://web.whatsapp.com; hxxps://twitter.com
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\[email protected] [2019-02-19]
FF Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\[email protected] [2018-07-13]
FF Extension: (Fortnite Stats) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\{23836774-0924-4977-8f2d-43c223f18533}.xpi [2020-03-06]
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\searchplugins\google-avast.xml [2019-12-10]
FF Extension: (Sin Nombre) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-09-16] [no firmado]
FF Extension: (Cisco WebEx Extension) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2019-03-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin HKU\S-1-5-21-3262702676-2008184811-2743962151-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Usuario\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-08-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Usuario\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-03-18]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-12-01]
CHR HomePage: Default -> hxxp://www.google.com.uy/
CHR StartupUrls: Default -> "hxxp://www.google.com.uy/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-24]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (book_helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnigmaekijecandkailhnklknockjdpd [2019-12-01]
CHR Extension: (Cisco Webex Extension) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-03-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-19]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-01]
CHR Extension: (book_helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hnigmaekijecandkailhnklknockjdpd [2019-12-01]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-12]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-24]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-12-09]
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Profile 2 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> feed.sonic-search.com
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-24]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-24]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-12-05]
CHR HomePage: Profile 3 -> hxxp://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Profile 3 -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1423034471&from=obw&uid=ST500DM002-1BD142_Z2AVEALMXXXXZ2AVEALM","hxxps://www.google.com.uy/","hxxp://www.ceibal.edu.uy/","hxxp://ceibal.edu.uy/","hxxps://www.ceibal.edu.uy/"
CHR DefaultSearchURL: Profile 3 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> feed.sonic-search.com
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-01]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-01]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-01]
CHR Extension: (Google Optimize) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhdplaindhdkiflmbfbciehdccfhegci [2019-11-16]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-04]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-11-04]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-01]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-18]
CHR Extension: (book_helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hnigmaekijecandkailhnklknockjdpd [2019-12-01]
CHR Extension: (Gatos Wallpapers HD Gatos New Tab) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkbdeejidffdchjpmifgfgacikbacpge [2019-05-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (DOM Destroyer) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npcfmcgpbcnkmfpjibbhmmpmknlobkpb [2019-06-17]
CHR Extension: (FromDocToPDF para Chrome) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pbneiecbhikjapoihjpemfmpaalkafkh [2019-10-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-03]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4 [2020-03-12]
CHR Notifications: Profile 4 -> hxxps://web.skype.com
CHR StartupUrls: Profile 4 -> "hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-19]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-19]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-19]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-19]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-19]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-08]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-01]
CHR Extension: (book_helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\hnigmaekijecandkailhnklknockjdpd [2019-12-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera: 
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\dljmpahjdmlcmopgciohdemghjmdfdbn [2018-09-16]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

"okbyyvfn" => servicio fue desbloqueado. <==== ATENCIÓN

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8413472 2020-02-05] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [244280 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3339824 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe [964592 2020-01-29] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-01-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [Archivo no firmado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Archivo no firmado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-12] (Malwarebytes Inc -> Malwarebytes) [Archivo no firmado]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [10654992 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-18] (Logitech Inc -> Logitech)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [50648 2020-01-14] (Dell Inc. -> Dell Inc.)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [144440 2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-10-25] (Qualcomm Atheros -> Atheros) [Archivo no firmado]
S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.16\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 okbyyvfn; C:\Windows\SysWOW64\okbyyvfn\keevgpgi.exe [X]
S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2811904 2012-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-02-04] (Bluestack Systems, Inc -> Bluestack System Inc. )
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2019-05-21] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2019-05-21] (Techporch Incorporated -> Dell Computer Corporation)
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [107784 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [9871128 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [38216 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-12 01:47 - 2020-03-12 01:50 - 000047263 _____ C:\Users\Usuario\Desktop\FRST.txt
2020-03-12 01:47 - 2020-03-12 01:49 - 000000000 ____D C:\FRST
2020-03-12 01:46 - 2020-03-12 01:46 - 002279936 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2020-03-12 01:33 - 2020-03-12 01:33 - 000084649 _____ C:\Users\Usuario\Downloads\FRST.txt
2020-03-12 01:23 - 2020-03-12 01:23 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup.exe
2020-03-12 01:20 - 2020-03-12 01:21 - 000002416 _____ C:\Users\Usuario\Desktop\Rkill.txt
2020-03-12 01:20 - 2020-03-12 01:20 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Usuario\Downloads\iExplore.exe
2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-12 01:04 - 2020-03-12 01:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-12 01:04 - 2020-03-12 01:03 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-12 00:55 - 2020-03-12 00:55 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup-0009996.0009996-consumer.exe
2020-03-12 00:32 - 2020-03-12 00:32 - 000003238 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Malware
2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2020-03-12 00:32 - 2020-03-12 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-03-12 00:31 - 2020-03-12 00:32 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-03-12 00:31 - 2020-03-12 00:31 - 000000000 ____D C:\ProgramData\GridinSoft
2020-03-12 00:03 - 2020-03-12 00:03 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-12 00:03 - 2020-03-12 00:03 - 000002003 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-03-11 04:58 - 2020-03-08 04:51 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-08 10:47 - 2020-03-08 10:47 - 000036964 _____ C:\Users\Usuario\Downloads\Documento sin título(8).pdf
2020-03-08 04:51 - 2020-03-08 04:51 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-08 04:51 - 2020-03-08 04:51 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-07 20:40 - 2020-03-07 20:40 - 000296120 _____ C:\Windows\Minidump\030720-24507-01.dmp
2020-03-07 20:14 - 2020-03-07 20:14 - 000022240 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_1464241266525010.dll
2020-03-06 14:21 - 2020-03-06 14:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\pokemon2
2020-03-06 13:52 - 2020-03-06 13:52 - 000000222 _____ C:\Users\Usuario\Desktop\Trove.url
2020-03-05 20:03 - 2020-03-05 20:03 - 000116892 _____ C:\Users\Usuario\Downloads\Documento sin título(7).pdf
2020-03-05 19:50 - 2020-03-05 19:50 - 000022115 _____ C:\Users\Usuario\Downloads\Tabla de horarios.pdf
2020-03-04 20:48 - 2020-03-04 20:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Darwin
2020-03-02 13:11 - 2020-03-02 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\WB Games
2020-03-01 19:18 - 2020-03-01 19:24 - 1741824497 ____R C:\Users\Usuario\Downloads\Dragon.ball.super.broly.2018.1080p-dual-lat-cinecalidad.to.mp4
2020-03-01 11:56 - 2016-09-30 00:02 - 000000000 ____D C:\Users\Usuario\Desktop\YoutubersLife
2020-03-01 10:49 - 2020-03-01 10:49 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\U-Play online
2020-03-01 10:45 - 2020-03-01 10:45 - 000000000 ____D C:\Users\Usuario\Documents\U-Play online
2020-03-01 10:21 - 2020-03-01 10:21 - 001573568 _____ C:\Users\Usuario\Downloads\SteamSetup(2).exe
2020-02-28 16:17 - 2020-02-28 16:33 - 000000000 ____D C:\ProgramData\BadlionClient
2020-02-28 16:17 - 2020-02-28 16:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\badlion-client-updater
2020-02-28 16:15 - 2020-03-07 09:50 - 000000000 ____D C:\Program Files\Badlion Client
2020-02-27 11:58 - 2020-02-27 11:58 - 000820111 _____ C:\Users\Usuario\Downloads\LabyMod3_Installer.jar
2020-02-25 21:06 - 2020-03-01 19:25 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2020-02-25 21:06 - 2020-02-25 21:06 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-02-24 13:22 - 2020-02-24 13:22 - 002031012 _____ C:\Users\Usuario\Downloads\OptiFine_1.8.0.jar
2020-02-23 14:38 - 2020-02-23 14:38 - 000000000 ____D C:\Users\Nico\AppData\Roaming\CC
2020-02-23 14:35 - 2020-02-23 14:35 - 000000000 ____D C:\Users\Nico\AppData\Local\UniSDK
2020-02-23 14:27 - 2020-02-23 14:27 - 000000222 _____ C:\Users\Nico\Desktop\CreativeDestruction.url
2020-02-22 18:46 - 2020-02-22 18:46 - 053662069 _____ C:\Users\Usuario\Downloads\PokeGalaxia V3.1.zip
2020-02-17 20:27 - 2020-02-17 20:27 - 000296104 _____ C:\Windows\Minidump\021720-24679-01.dmp
2020-02-17 19:30 - 2020-02-17 19:30 - 000022240 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_370055763445664.dll
2020-02-16 11:19 - 2020-02-16 11:19 - 000296120 _____ C:\Windows\Minidump\021620-24320-01.dmp
2020-02-15 16:10 - 2020-02-15 16:10 - 000000067 _____ C:\Users\Nico\Desktop\contra seba.txt
2020-02-12 18:05 - 2020-02-12 18:05 - 000000000 _____ C:\Users\Usuario\Downloads\creative-destruction-3-0-108.exe
2020-02-12 18:04 - 2020-02-12 18:06 - 021823177 _____ (My Company, Inc. ) C:\Users\Usuario\Downloads\creative-destruction-3-0-108.exe.part
2020-02-11 21:24 - 2020-02-11 21:24 - 003245600 _____ C:\Users\Nico\Downloads\AutoHotkey_1.1.32.00_setup.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-12 01:23 - 2019-01-17 09:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2020-03-12 00:28 - 2019-12-01 07:36 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\yjfzjgnn
2020-03-12 00:18 - 2018-01-24 23:15 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-12 00:15 - 2018-01-24 22:06 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-12 00:13 - 2019-01-16 04:55 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-12 00:08 - 2018-07-13 20:42 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2020-03-12 00:06 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2020-03-12 00:04 - 2018-01-24 10:39 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2020-03-12 00:03 - 2018-02-23 19:29 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2020-03-12 00:03 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-12 00:00 - 2018-02-20 20:24 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2020-03-11 23:59 - 2020-02-06 09:36 - 000003864 _____ C:\Windows\system32\Tasks\AdvancedUpdater
2020-03-11 23:59 - 2019-12-05 20:12 - 000003592 _____ C:\Windows\system32\Tasks\{CCD454BD-8E6E-41F1-908C-C5D650548A25}
2020-03-11 23:59 - 2019-02-17 21:26 - 000003242 _____ C:\Windows\system32\Tasks\Autoupdate
2020-03-11 23:59 - 2019-02-17 21:26 - 000003236 _____ C:\Windows\system32\Tasks\Tasker21
2020-03-11 23:59 - 2019-01-16 04:58 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:58 - 000003814 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:58 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:57 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:57 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:57 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:57 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2019-01-16 04:57 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-11 23:59 - 2018-01-24 09:58 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-03-11 12:59 - 2018-01-24 09:58 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-11 12:06 - 2018-01-24 09:58 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-09 19:51 - 2019-10-20 11:58 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\.minecraft
2020-03-08 04:51 - 2019-02-19 22:12 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-08 04:51 - 2018-10-22 16:25 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-08 04:50 - 2019-01-17 09:31 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-08 04:50 - 2018-01-24 09:58 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-08 04:50 - 2018-01-24 09:58 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-07 20:40 - 2018-07-12 21:09 - 000000000 ____D C:\Windows\Minidump
2020-03-07 09:53 - 2019-10-19 20:52 - 000000000 ____D C:\Program Files (x86)\Wizards of the Coast
2020-03-07 09:50 - 2019-08-31 15:51 - 000000000 ____D C:\Users\Usuario\Documents\Wondershare Filmora 9
2020-03-06 14:21 - 2018-02-23 15:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\UnrealEngine
2020-03-04 20:48 - 2018-02-23 19:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\EasyAntiCheat
2020-03-04 15:39 - 2019-06-06 19:24 - 000001138 _____ C:\Users\Usuario\Desktop\Roblox Studio.lnk
2020-03-04 15:39 - 2018-11-22 20:55 - 000001319 _____ C:\Users\Usuario\Desktop\Roblox Player.lnk
2020-03-04 15:39 - 2018-09-17 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2020-03-02 09:32 - 2019-05-24 21:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\BitTorrentHelper
2020-03-02 09:32 - 2018-12-30 20:55 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2020-03-01 19:28 - 2011-01-22 07:50 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2020-03-01 19:28 - 2011-01-22 07:50 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2020-03-01 19:28 - 2009-07-14 02:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-01 19:28 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-02-26 14:14 - 2019-12-16 10:40 - 000002162 _____ C:\Users\Nico\Desktop\Discord.lnk
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Discord
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Local\Discord
2020-02-24 22:40 - 2018-01-24 09:54 - 000165648 _____ C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2020-02-24 22:12 - 2018-01-25 00:00 - 000000000 ____D C:\Program Files (x86)\Minecraft
2020-02-23 14:27 - 2019-12-18 21:46 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-02-23 14:11 - 2019-12-11 00:10 - 000000000 __SHD C:\Users\Nico\IntelGraphicsProfiles
2020-02-22 12:30 - 2019-01-17 11:43 - 005604984 _____ () C:\Users\Usuario\Desktop\TechnicLauncher.exe
2020-02-22 12:29 - 2018-02-13 13:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\.technic
2020-02-19 17:30 - 2019-12-16 07:21 - 000000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2020-02-15 20:50 - 2019-12-24 16:55 - 000000000 ____D C:\Users\Nico\AppData\Roaming\obs-studio
2020-02-14 17:07 - 2019-12-11 21:10 - 000000000 ____D C:\Users\Nico\AppData\Roaming\.minecraft
2020-02-13 19:22 - 2019-12-11 00:11 - 000000000 ____D C:\Users\Nico\AppData\Local\UnrealEngine
2020-02-12 04:02 - 2018-01-24 10:05 - 000000000 ____D C:\Windows\system32\MRT
2020-02-12 03:52 - 2018-01-24 10:05 - 120407888 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-02-12 03:50 - 2019-03-24 23:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-02-12 03:50 - 2009-07-13 23:34 - 000000478 _____ C:\Windows\win.ini

==================== Archivos en la raíz de algunos directorios ========

2019-01-09 23:00 - 2019-01-09 23:00 - 038235304 _____ () C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe
2019-12-01 07:37 - 2019-12-01 07:37 - 000000505 _____ () C:\Users\Usuario\AppData\Roaming\Microsoft\config.ini
2019-12-01 07:37 - 2019-12-01 07:37 - 008075264 _____ () C:\Users\Usuario\AppData\Local\agent.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000044032 _____ () C:\Users\Usuario\AppData\Local\ApplicationHosting.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000000562 _____ () C:\Users\Usuario\AppData\Local\bowsakkdestx.txt
2019-12-01 07:37 - 2019-12-01 07:37 - 000069888 _____ () C:\Users\Usuario\AppData\Local\Config.xml
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Doubletinit.exe
2019-12-01 07:37 - 2019-12-01 07:37 - 002052089 _____ () C:\Users\Usuario\AppData\Local\Doubletinit.tst
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Fresh-La.exe
2019-12-01 07:37 - 2019-12-01 07:37 - 000068237 _____ () C:\Users\Usuario\AppData\Local\Fresh-La.tst
2019-12-01 07:36 - 2019-12-01 07:37 - 000016896 _____ () C:\Users\Usuario\AppData\Local\InstallationConfiguration.xml
2019-12-01 07:36 - 2019-12-01 07:36 - 000140800 _____ () C:\Users\Usuario\AppData\Local\installer.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000126464 _____ () C:\Users\Usuario\AppData\Local\lobby.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000018432 _____ () C:\Users\Usuario\AppData\Local\Main.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000005568 _____ () C:\Users\Usuario\AppData\Local\md.xml
2019-12-01 07:37 - 2019-12-01 07:37 - 000126464 _____ () C:\Users\Usuario\AppData\Local\noah.dat
2019-12-01 07:37 - 2019-12-01 07:37 - 000032038 _____ () C:\Users\Usuario\AppData\Local\uninstall_temp.ico
2019-12-01 07:37 - 2019-12-01 07:37 - 001895383 _____ () C:\Users\Usuario\AppData\Local\X-Soft.bin

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-08 00:45
==================== Final de FRST.txt ========================

Hello @Cafe_Cafe.

You have explained the problems with your computer only briefly and in little detail. :roll_eyes:

But judging by what can be seen in the report you posted, we can ALREADY give you some steps.



Right… now follow these steps. :arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now tick/select only the :white_check_mark: Create registry backup checkbox, NOT the other checkboxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy the codes/lines inside the box further below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\ DisallowedCertificates: 0A0CF21F2AD2796FCC1309F2993659FC9F4BBFB9 (U)
HKLM\ DisallowedCertificates: 1518752920E9221E1FE1728AACAC536728B37BA7 (Trend Micro) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 1B581436B0ED7536755B8B1C81112509A5AAF6ED (Panda Security S.L) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 328E73F58737F1AB8DB0DA98FECFA17EB7BFAA40 (U)
HKLM\ DisallowedCertificates: 3C92C9274AB6D3DD520B13029A2490C4A1D98BC0 (Kaspersky Lab) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 4E393AA1586C93E0BC9E7FEBCF7BFB62066DC22A (U)
HKLM\ DisallowedCertificates: 4E564B9FBCE8F496FFF51278CCD14EE17F09A1CE (U)
HKLM\ DisallowedCertificates: 58939B78BC28EF464220127BB754E3D130306988 (U)
HKLM\ DisallowedCertificates: 5AACB6A43D9D806E6963937BE702B7A43C1978AE (U)
HKLM\ DisallowedCertificates: 5DE56B2BAAA995F447949B869356528F91230A49 (U)
HKLM\ DisallowedCertificates: 7450C07722C75E711EF24209A22F0C5C6A5BEC4E (U)
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 78C55D604474B534EB2B565CAD312FC7D71FE9DE (U)
HKLM\ DisallowedCertificates: 816BE9397F66D1A26EFA04035BCA3BB9E3779740 (U)
HKLM\ DisallowedCertificates: 8887AF2636E0D3B763AC4D56729218AF89653CA4 (U)
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATENCIÓN
HKLM\ DisallowedCertificates: 8B6DD299C6E4092040E98EB773F3818DF50B038D (U)
HKLM\ DisallowedCertificates: 8DC9FE53D5F1D7D558EBE131E922730780D88865 (U)
HKLM\ DisallowedCertificates: 9A32249E9A6B9CF5C36B0749C81613524D37C594 (Safer Networking Ltd.) <==== ATENCIÓN
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATENCIÓN
HKLM\ DisallowedCertificates: AA8399A239AE1785200917D32C21F6B662477BE4 (U)
HKLM\ DisallowedCertificates: AEEA60E86C66327BFBB8492C33122687AB2B5D91 (U)
HKLM\ DisallowedCertificates: B7E607E1FB8943C634580F621788C01C962E8280 (U)
HKLM\ DisallowedCertificates: BDEEFEC5F002E281B2292A8C72EACA468CBF9952 (U)
HKLM\ DisallowedCertificates: BE894F99B870DA5FCA623F7F4A85D3970A46CDE1 (U)
HKLM\ DisallowedCertificates: BF9254919794C1075EA027889C5D304F1121C653 (Kaspersky Lab) <==== ATENCIÓN
HKLM\ DisallowedCertificates: D70D7D00CA12E1B3E20F3BF7534DEB2C2E7C2404 (U)
HKLM\ DisallowedCertificates: DBFAD9D59A6A07DCEB004DBE2DC246B547249E86 (Malwarebytes Corporation) <==== ATENCIÓN
HKLM\ DisallowedCertificates: E27AA5FFDCA62A60E435292A243D0C6D43DCC513 (U)
HKLM\ DisallowedCertificates: E4A0C1054F8025DD88EE5053094A9A61661AE123 (U)
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATENCIÓN
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\CurrentVersion\Windows: [Run] c:\Systemsolumsnformation\rungame.exe <==== ATENCIÓN
AppInit_DLLs: C:\ProgramData\Voyasollam\Inch-Ing.dll => Ningún archivo
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
GroupPolicyUsers\S-1-5-21-3262702676-2008184811-2743962151-1005\User: Restricción <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0E48453D-4B9B-4FC5-AB49-B4B8AB9B7010} - System32\Tasks\Tasker21 => C:\Users\Usuario\AppData\Roaming\Lib\tskschd.exe [1043968 2018-07-23] () [Archivo no firmado]
Task: {424C4586-CCC0-4FF1-8F62-917768FE1A7B} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Windows Updater.exe [895112 2020-02-21] (MICROLEAVES LTD -> AdvancedWindowsManager)
Task: {B60CA6CD-4B91-4A70-86CB-7CB7210C8EB5} - System32\Tasks\Autoupdate => C:\Users\Usuario\AppData\Roaming\Lib\autoupdate.exe [1043968 2018-07-23] () [Archivo no firmado]
Task: {D72954F3-07AF-4C77-8326-75DCFA6C7721} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [22378920 2020-03-02] (GridinSoft, LLC -> Gridinsoft LLC)
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAbrinxIpxvf9TZMuiB-oYBQkPYRjLEzPfMvUBGzaW93p8K_QNjAEDOSQCaENauJ2XxqMLN-ok9JqWBhOEgQcke88s,
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181230&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FF Homepage: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://www.google.com/?bcutc=sp-006
FF Notifications: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://switch-xci.com; hxxps://www1.bethanyharrell.pro; hxxps://www.facebook.com; hxxps://linkvertise.com; hxxps://cutwin.com; hxxps://anonfile.com; hxxps://www1.sherwoodsutton.pro; hxxps://web.whatsapp.com; hxxps://twitter.com
FF Extension: (Sin Nombre) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-09-16] [no firmado]
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR DefaultSearchURL: Profile 2 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> feed.sonic-search.com
CHR HomePage: Profile 3 -> hxxp://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Profile 3 -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1423034471&from=obw&uid=ST500DM002-1BD142_Z2AVEALMXXXXZ2AVEALM","hxxps://www.google.com.uy/","hxxp://www.ceibal.edu.uy/","hxxp://ceibal.edu.uy/","hxxps://www.ceibal.edu.uy/"
CHR DefaultSearchURL: Profile 3 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> feed.sonic-search.com
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
"okbyyvfn" => servicio fue desbloqueado. <==== ATENCIÓN
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-12] (Malwarebytes Inc -> Malwarebytes) [Archivo no firmado]
S3 mracsvc; C:\Windows\System32\mracsvc.exe [10654992 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)
S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.16\elevation_service.exe" [X]
S2 okbyyvfn; C:\Windows\SysWOW64\okbyyvfn\keevgpgi.exe [X]
S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [9871128 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]
2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-12 01:04 - 2020-03-12 01:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-12 01:04 - 2020-03-12 01:03 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-12 00:55 - 2020-03-12 00:55 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup-0009996.0009996-consumer.exe
2020-03-12 00:32 - 2020-03-12 00:32 - 000003238 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Malware
2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk
2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk
2020-03-12 00:32 - 2020-03-12 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-03-12 00:31 - 2020-03-12 00:32 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-03-12 00:31 - 2020-03-12 00:31 - 000000000 ____D C:\ProgramData\GridinSoft
2020-03-12 00:28 - 2019-12-01 07:36 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\yjfzjgnn
2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-11 23:59 - 2019-12-05 20:12 - 000003592 _____ C:\Windows\system32\Tasks\{CCD454BD-8E6E-41F1-908C-C5D650548A25}
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop. This is very important.

Note: it is important that the FRST.exe tool (Farbar Recovery Scan Tool) and FIXLIST.TXT are in the same location (the desktop); otherwise it will not work.

Now start your computer in Windows Safe Mode with Networking.

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)

  • Press the FIX/Corregir button and wait for it to finish.

  • The tool will save the fix report on the desktop (FIXLOG.TXT).

Paste the contents of that file in your next reply.

This is to verify the results; for now, do NOT carry out ANY other step.

Regards.


Thank you very much for the information. My idea was precisely to come with the logs from the start, to have reliable data and not waste your time.

Attached is the log of the fix:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-03-2020
Ejecutado por Usuario (13-03-2020 00:11:49) Run:1
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario (Perfiles disponibles: Usuario & Nico)
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

HKLM\ DisallowedCertificates: 0A0CF21F2AD2796FCC1309F2993659FC9F4BBFB9 (U)

HKLM\ DisallowedCertificates: 1518752920E9221E1FE1728AACAC536728B37BA7 (Trend Micro) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 1B581436B0ED7536755B8B1C81112509A5AAF6ED (Panda Security S.L) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 328E73F58737F1AB8DB0DA98FECFA17EB7BFAA40 (U)

HKLM\ DisallowedCertificates: 3C92C9274AB6D3DD520B13029A2490C4A1D98BC0 (Kaspersky Lab) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 4E393AA1586C93E0BC9E7FEBCF7BFB62066DC22A (U)

HKLM\ DisallowedCertificates: 4E564B9FBCE8F496FFF51278CCD14EE17F09A1CE (U)

HKLM\ DisallowedCertificates: 58939B78BC28EF464220127BB754E3D130306988 (U)

HKLM\ DisallowedCertificates: 5AACB6A43D9D806E6963937BE702B7A43C1978AE (U)

HKLM\ DisallowedCertificates: 5DE56B2BAAA995F447949B869356528F91230A49 (U)

HKLM\ DisallowedCertificates: 7450C07722C75E711EF24209A22F0C5C6A5BEC4E (U)

HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 78C55D604474B534EB2B565CAD312FC7D71FE9DE (U)

HKLM\ DisallowedCertificates: 816BE9397F66D1A26EFA04035BCA3BB9E3779740 (U)

HKLM\ DisallowedCertificates: 8887AF2636E0D3B763AC4D56729218AF89653CA4 (U)

HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATENCIÓN

HKLM\ DisallowedCertificates: 8B6DD299C6E4092040E98EB773F3818DF50B038D (U)

HKLM\ DisallowedCertificates: 8DC9FE53D5F1D7D558EBE131E922730780D88865 (U)

HKLM\ DisallowedCertificates: 9A32249E9A6B9CF5C36B0749C81613524D37C594 (Safer Networking Ltd.) <==== ATENCIÓN

HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATENCIÓN

HKLM\ DisallowedCertificates: AA8399A239AE1785200917D32C21F6B662477BE4 (U)

HKLM\ DisallowedCertificates: AEEA60E86C66327BFBB8492C33122687AB2B5D91 (U)

HKLM\ DisallowedCertificates: B7E607E1FB8943C634580F621788C01C962E8280 (U)

HKLM\ DisallowedCertificates: BDEEFEC5F002E281B2292A8C72EACA468CBF9952 (U)

HKLM\ DisallowedCertificates: BE894F99B870DA5FCA623F7F4A85D3970A46CDE1 (U)

HKLM\ DisallowedCertificates: BF9254919794C1075EA027889C5D304F1121C653 (Kaspersky Lab) <==== ATENCIÓN

HKLM\ DisallowedCertificates: D70D7D00CA12E1B3E20F3BF7534DEB2C2E7C2404 (U)

HKLM\ DisallowedCertificates: DBFAD9D59A6A07DCEB004DBE2DC246B547249E86 (Malwarebytes Corporation) <==== ATENCIÓN

HKLM\ DisallowedCertificates: E27AA5FFDCA62A60E435292A243D0C6D43DCC513 (U)

HKLM\ DisallowedCertificates: E4A0C1054F8025DD88EE5053094A9A61661AE123 (U)

HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATENCIÓN

HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\CurrentVersion\Windows: [Run] c:\Systemsolumsnformation\rungame.exe <==== ATENCIÓN

AppInit_DLLs: C:\ProgramData\Voyasollam\Inch-Ing.dll => Ningún archivo

GroupPolicy: Restricción - Chrome <==== ATENCIÓN

GroupPolicy\User: Restricción ? <==== ATENCIÓN

GroupPolicyUsers\S-1-5-21-3262702676-2008184811-2743962151-1005\User: Restricción <==== ATENCIÓN

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

Task: {0E48453D-4B9B-4FC5-AB49-B4B8AB9B7010} - System32\Tasks\Tasker21 => C:\Users\Usuario\AppData\Roaming\Lib\tskschd.exe [1043968 2018-07-23] () [Archivo no firmado]

Task: {424C4586-CCC0-4FF1-8F62-917768FE1A7B} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Windows Updater.exe [895112 2020-02-21] (MICROLEAVES LTD -> AdvancedWindowsManager)

Task: {B60CA6CD-4B91-4A70-86CB-7CB7210C8EB5} - System32\Tasks\Autoupdate => C:\Users\Usuario\AppData\Roaming\Lib\autoupdate.exe [1043968 2018-07-23] () [Archivo no firmado]

Task: {D72954F3-07AF-4C77-8326-75DCFA6C7721} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe [22378920 2020-03-02] (GridinSoft, LLC -> Gridinsoft LLC)

HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}

HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAbrinxIpxvf9TZMuiB-oYBQkPYRjLEzPfMvUBGzaW93p8K_QNjAEDOSQCaENauJ2XxqMLN-ok9JqWBhOEgQcke88s,

SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =

SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}

SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181230&q={searchTerms}

SearchScopes: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXpFvcQFmGwXh6f2noZm6jUHjJDuj-CZeA-NLhogGXechkcK0cXi22BOssPwMAHou8ecxWOHb15cEBZfUy2umGT5c,&q={searchTerms}

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FF Homepage: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://www.google.com/?bcutc=sp-006

FF Notifications: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> hxxps://switch-xci.com; hxxps://www1.bethanyharrell.pro; hxxps://www.facebook.com; hxxps://linkvertise.com; hxxps://cutwin.com; hxxps://anonfile.com; hxxps://www1.sherwoodsutton.pro; hxxps://web.whatsapp.com; hxxps://twitter.com

FF Extension: (Sin Nombre) - C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi [2018-09-16] [no firmado]

FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)

FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

CHR DefaultSearchURL: Profile 2 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}

CHR DefaultSearchKeyword: Profile 2 -> feed.sonic-search.com

CHR HomePage: Profile 3 -> hxxp://homepage-web.com/?s=acer&m=home

CHR StartupUrls: Profile 3 -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1423034471&from=obw&uid=ST500DM002-1BD142_Z2AVEALMXXXXZ2AVEALM","hxxps://www.google.com.uy/","hxxp://www.ceibal.edu.uy/","hxxp://ceibal.edu.uy/","hxxps://www.ceibal.edu.uy/"

CHR DefaultSearchURL: Profile 3 -> hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlKFuSPkduL6o8RLUVK_hb3XaEqfy4JEcdCHaRW2YhHpqr1VR7_LStfkF20Jh48hdu8AfQw2Vt5pKMAXs-CyrdGvJHv9HLSd8Mlj7ELKjGSCkpkK0gWTH2hnlUrDrbB45X91SpleWmcKJYycateuNudlI8RM0UvhL5eq-mI,&q={searchTerms}

CHR DefaultSearchKeyword: Profile 3 -> feed.sonic-search.com

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

"okbyyvfn" => servicio fue desbloqueado. <==== ATENCIÓN

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-12] (Malwarebytes Inc -> Malwarebytes) [Archivo no firmado]

S3 mracsvc; C:\Windows\System32\mracsvc.exe [10654992 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)

S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\71.0.58.16\elevation_service.exe" [X]

S2 okbyyvfn; C:\Windows\SysWOW64\okbyyvfn\keevgpgi.exe [X]

S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]

S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [9871128 2018-08-09] (Mail.Ru LLC -> LLC Mail.Ru)

S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]

2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2020-03-12 01:04 - 2020-03-12 01:04 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk

2020-03-12 01:04 - 2020-03-12 01:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2020-03-12 01:04 - 2020-03-12 01:03 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes

2020-03-12 01:03 - 2020-03-12 01:03 - 000000000 ____D C:\Program Files\Malwarebytes

2020-03-12 00:55 - 2020-03-12 00:55 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup-0009996.0009996-consumer.exe

2020-03-12 00:32 - 2020-03-12 00:32 - 000003238 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Malware

2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk

2020-03-12 00:32 - 2020-03-12 00:32 - 000000893 _____ C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk

2020-03-12 00:32 - 2020-03-12 00:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware

2020-03-12 00:31 - 2020-03-12 00:32 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware

2020-03-12 00:31 - 2020-03-12 00:31 - 000000000 ____D C:\ProgramData\GridinSoft

2020-03-12 00:28 - 2019-12-01 07:36 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\yjfzjgnn

2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2020-03-12 00:17 - 2009-07-14 01:45 - 000035616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2020-03-11 23:59 - 2019-12-05 20:12 - 000003592 _____ C:\Windows\system32\Tasks\{CCD454BD-8E6E-41F1-908C-C5D650548A25}

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\0A0CF21F2AD2796FCC1309F2993659FC9F4BBFB9 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1518752920E9221E1FE1728AACAC536728B37BA7 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1B581436B0ED7536755B8B1C81112509A5AAF6ED => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\328E73F58737F1AB8DB0DA98FECFA17EB7BFAA40 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3C92C9274AB6D3DD520B13029A2490C4A1D98BC0 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4E393AA1586C93E0BC9E7FEBCF7BFB62066DC22A => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4E564B9FBCE8F496FFF51278CCD14EE17F09A1CE => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\58939B78BC28EF464220127BB754E3D130306988 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5AACB6A43D9D806E6963937BE702B7A43C1978AE => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE56B2BAAA995F447949B869356528F91230A49 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7450C07722C75E711EF24209A22F0C5C6A5BEC4E => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\78C55D604474B534EB2B565CAD312FC7D71FE9DE => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\816BE9397F66D1A26EFA04035BCA3BB9E3779740 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8887AF2636E0D3B763AC4D56729218AF89653CA4 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\88AD5DFE24126872B33175D1778687B642323ACF => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8B6DD299C6E4092040E98EB773F3818DF50B038D => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8DC9FE53D5F1D7D558EBE131E922730780D88865 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9A32249E9A6B9CF5C36B0749C81613524D37C594 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AA8399A239AE1785200917D32C21F6B662477BE4 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AEEA60E86C66327BFBB8492C33122687AB2B5D91 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B7E607E1FB8943C634580F621788C01C962E8280 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BDEEFEC5F002E281B2292A8C72EACA468CBF9952 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BE894F99B870DA5FCA623F7F4A85D3970A46CDE1 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BF9254919794C1075EA027889C5D304F1121C653 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D70D7D00CA12E1B3E20F3BF7534DEB2C2E7C2404 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DBFAD9D59A6A07DCEB004DBE2DC246B547249E86 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E27AA5FFDCA62A60E435292A243D0C6D43DCC513 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E4A0C1054F8025DD88EE5053094A9A61661AE123 => eliminado correctamente
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Run" => eliminado correctamente
"C:\ProgramData\Voyasollam\Inch-Ing.dll" => Información del valor eliminado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\system32\GroupPolicy\User => movido correctamente
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3262702676-2008184811-2743962151-1005\User => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E48453D-4B9B-4FC5-AB49-B4B8AB9B7010}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E48453D-4B9B-4FC5-AB49-B4B8AB9B7010}" => eliminado correctamente
C:\Windows\System32\Tasks\Tasker21 => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tasker21" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{424C4586-CCC0-4FF1-8F62-917768FE1A7B}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{424C4586-CCC0-4FF1-8F62-917768FE1A7B}" => eliminado correctamente
C:\Windows\System32\Tasks\AdvancedUpdater => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdvancedUpdater" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B60CA6CD-4B91-4A70-86CB-7CB7210C8EB5}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B60CA6CD-4B91-4A70-86CB-7CB7210C8EB5}" => eliminado correctamente
C:\Windows\System32\Tasks\Autoupdate => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Autoupdate" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D72954F3-07AF-4C77-8326-75DCFA6C7721}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D72954F3-07AF-4C77-8326-75DCFA6C7721}" => eliminado correctamente
C:\Windows\System32\Tasks\GridinSoft Anti-Malware => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GridinSoft Anti-Malware" => eliminado correctamente
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => valor restaurado correctamente
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => valor restaurado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch => eliminado correctamente
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9} => eliminado correctamente
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => eliminado correctamente
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\"Default"="C:\Program Files\Internet Explorer\iexplore.exe" => valor restaurado correctamente
"Firefox homepage" => eliminado correctamente
"FF Notifications:" => eliminado correctamente
C:\Program Files\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi => movido correctamente
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-24] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-24] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll => movido correctamente
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => eliminado correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc" => no encontrado
C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => movido correctamente
"Chrome DefaultSearchURL" => eliminado correctamente
"Chrome DefaultSearchKeyword" => eliminado correctamente
"Chrome HomePage" => eliminado correctamente
"Chrome StartupUrls" => eliminado correctamente
"Chrome DefaultSearchURL" => eliminado correctamente
"Chrome DefaultSearchKeyword" => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
"okbyyvfn" => servicio fue desbloqueado. <==== ATENCIÓN => Error: Ninguna corrección automática encontrada para esta entrada.
MBAMService => Servicio detenido correctamente.
HKLM\System\CurrentControlSet\Services\MBAMService => eliminado correctamente
MBAMService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\mracsvc => eliminado correctamente
mracsvc => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\BraveElevationService => eliminado correctamente
BraveElevationService => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\okbyyvfn => eliminado correctamente
okbyyvfn => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\Origin Web Helper Service => eliminado correctamente
Origin Web Helper Service => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\mracdrv => eliminado correctamente
mracdrv => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\RtlWlanu => eliminado correctamente
RtlWlanu => servicio eliminado correctamente
C:\Users\Public\Desktop\Malwarebytes.lnk => movido correctamente
"C:\ProgramData\Desktop\Malwarebytes.lnk" => no encontrado
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes => movido correctamente
C:\Windows\system32\Drivers\mbae64.sys => movido correctamente
C:\ProgramData\Malwarebytes => movido correctamente
C:\Program Files\Malwarebytes => movido correctamente
C:\Users\Usuario\Downloads\MBSetup-0009996.0009996-consumer.exe => movido correctamente
"C:\Windows\system32\Tasks\GridinSoft Anti-Malware" => no encontrado
C:\Users\Public\Desktop\GridinSoft Anti-Malware.lnk => movido correctamente
"C:\ProgramData\Desktop\GridinSoft Anti-Malware.lnk" => no encontrado
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware => movido correctamente
C:\Program Files\GridinSoft Anti-Malware => movido correctamente
C:\ProgramData\GridinSoft => movido correctamente
C:\Users\Usuario\AppData\Roaming\yjfzjgnn => movido correctamente
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => movido correctamente
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => movido correctamente
C:\Windows\system32\Tasks\{CCD454BD-8E6E-41F1-908C-C5D650548A25} => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final 1 RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final 1 CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de red inalámbrica 3 mientras los medios
están desconectados.
No se puede realizar ninguna operación en Conexión de área local mientras los medios
están desconectados.

Adaptador de LAN inalámbrica Conexión de red inalámbrica 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:

   Sufijo DNS específico para la conexión. . : 
   Dirección IPv6 . . . . . . . . . . : 2800:a4:3063:f700:54ea:7b3f:ebf2:7780
   Dirección IPv6 temporal. . . . . . : 2800:a4:3063:f700:80c0:3d43:f9cb:8bcb
   Vínculo: dirección IPv6 local. . . : fe80::54ea:7b3f:ebf2:7780%13
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.42
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::1%13
                                       192.168.1.1

Adaptador de Ethernet Conexión de área local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.{4E14C072-DC5C-4DC5-8EAA-7912A8421017}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.{11FF510C-EBB9-4463-BE95-5A4E5CDAC47A}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.{28381E95-E6C6-409E-9CDF-00816982DE9A}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= Final 1 CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final 1 CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final 1 CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final 1 CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final 1 CMD: =========


========= netsh int ipv4 reset =========

Global se restableció correctamente.
Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final 1 CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final 1 CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66590336 B
Java, Flash, Steam htmlcache => 48045265 B
Windows/system/drivers => 1541159931 B
Edge => 0 B
Chrome => 2023097684 B
Firefox => 1348278069 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 14449087 B
LocalService => 14449087 B
NetworkService => 14519391 B
Usuario => 6358058834 B
Nico => 7059803351 B

RecycleBin => 24417421454 B
EmptyTemp: => 40 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final 1 Fixlog 00:26:37 ====

Perfect, and now to complete the check of YOUR machine, follow these steps, in the order indicated and reading everything explained. :+1:

If there is any step you could NOT carry out, continue with the next one and then tell us about it, indicating what problems you had.

:one: Temporarily disable your antivirus :arrow_forward: How to temporarily disable your antivirus, while we are carrying out ALL the steps.

We are going to download to YOUR DESKTOP (and NOT anywhere else :face_with_monocle:) all the tools we will use in this procedure (but do not run them yet):

:two: Run the tools one at a time and in the order indicated:

CCleaner.-

  • Install and run CCleaner following the steps indicated in the manual.

  • First use its Cleaner option to delete cookies, temporary Internet files and all the files it shows you as obsolete.

  • Then use its Registry option to clean the whole Windows registry (making a backup).

Malwarebytes.-

  • Install and run MBAM following the steps indicated in the manual.

  • Run a Custom Scan. :white_check_mark:

  • Select ALL for Quarantine to send everything to quarantine, and restart the system.

  • In the program's :arrow_forward: Detection History :arrow_backward: section you will find the MBAM report, which you must copy and paste in your next reply so that it can be analysed.

AdwCleaner.-

  • Run Adwcleaner.exe.

  • Click the Scan Now button and wait for the process to finish; immediately afterwards, always click the Start Repair button.

  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.

  • The log/report is in the "Reports" tab, reopening the program if necessary, so that you can copy it and paste it in your next reply.

  • The report can also be found at C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Run JRT.exe.

  • Press any key to continue, and wait patiently for the process to finish.

  • If at any point it asks you to restart, do so.

  • When it finishes, a log/report (JRT.txt) will be saved to the desktop and will open automatically.

  • Copy and paste the contents of JRT.txt in your next reply.

Farbar Recovery Scan Tool.-

  • Run FRST.exe.

  • In the Disclaimer window, click Sí/Yes.

  • In the main window, click the Analizar/Scan button and wait for the process to finish.

  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

:three: Post the reports in your next reply from:

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, in that order. :+1:

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 64,000 characters).

And tell us how your computer is working with regard to the problem you raised. :face_with_monocle:

Regards.

Good afternoon Javier. I have followed the procedures detailed. I am attaching the logs.

Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 14/3/20
Hora del análisis: 10:36
Archivo de registro: beb199b0-65f8-11ea-8d44-a41f726f2bc4.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.848
Versión del paquete de actualización: 1.0.20698
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Dell-Vostro\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 399615
Amenazas detectadas: 200
Amenazas en cuarentena: 200
Tiempo transcurrido: 25 min, 35 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 18
Adware.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\mtVoyasollam, En cuarentena, 900, 378721, 1.0.20698, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\CSASTATS\ic, En cuarentena, 494, 586068, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, HKLM\SOFTWARE\WOW6432NODE\AdvancedWindowsManager, En cuarentena, 5091, 787645, 1.0.20698, , ame, 
Adware.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\Microleaves, En cuarentena, 1313, 716215, 1.0.20698, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtVoyasollam, En cuarentena, 900, 378722, 1.0.20698, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Voyasollam_RASAPI32, En cuarentena, 900, 378719, 1.0.20698, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Voyasollam_RASMANCS, En cuarentena, 900, 378719, 1.0.20698, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En cuarentena, 519, 584322, 1.0.20698, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En cuarentena, 519, 518478, 1.0.20698, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En cuarentena, 519, 518476, 1.0.20698, , ame, 
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Voyasollam.exe, En cuarentena, 423, 540333, 1.0.20698, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, En cuarentena, 519, 518473, 1.0.20698, , ame, 
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, En cuarentena, 519, 518479, 1.0.20698, , ame, 
Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Voyasollam.exe, En cuarentena, 423, 540333, 1.0.20698, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3695, 398592, 1.0.20698, , ame, 
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Voyasollam.exe, En cuarentena, 900, 378717, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8DA41662-F681-47F9-B114-9657FC5799EF}, En cuarentena, 5091, 787647, 1.0.20698, , ame, 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, En cuarentena, 918, 259928, 1.0.20698, , ame, 

Valor del registro: 13
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 918, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En cuarentena, 918, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\ENVIRONMENT|SNF, En cuarentena, 918, -1, 0.0.0, , action, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\ENVIRONMENT|SNF, En cuarentena, 918, 259517, 1.0.20698, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\ENVIRONMENT|SNP, En cuarentena, 918, 259518, 1.0.20698, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En cuarentena, 918, 259988, 1.0.20698, , ame, 
PUM.Optional.MSExclusion, HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS|C:\WINDOWS\SYSWOW64\OKBYYVFN, En cuarentena, 6987, 692398, 1.0.20698, , ame, 
Rootkit.Agent, HKLM\SOFTWARE\MICROSOFT|MSVER1, En cuarentena, 488, 678869, 1.0.20698, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, En cuarentena, 3695, 333852, 1.0.20698, , ame, 
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, En cuarentena, 3695, 321304, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8DA41662-F681-47F9-B114-9657FC5799EF}|INSTALLLOCATION, En cuarentena, 5091, 787647, 1.0.20698, , ame, 
PUP.Optional.BookHelper.ChrPRST, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 3\extensions.settings|hnigmaekijecandkailhnklknockjdpd, En cuarentena, 15040, 784086, , , , 
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Profile 3\extensions.settings|pbneiecbhikjapoihjpemfmpaalkafkh, En cuarentena, 1811, 443121, , , , 

Datos del registro: 4
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Sustituido, 918, 293485, 1.0.20698, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Sustituido, 918, 293485, 1.0.20698, , ame, 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Sustituido, 918, 293486, 1.0.20698, , ame, 
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Sustituido, 13580, 693611, 1.0.20698, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 27
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3695, 391425, 1.0.20698, , ame, 
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates, En cuarentena, 1313, 399763, , , , 
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application, En cuarentena, 1313, 399763, , , , 
Adware.OnlineIO, C:\PROGRAMDATA\MICROLEAVES, En cuarentena, 1313, 399763, 1.0.20698, , ame, 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, En cuarentena, 1313, 716213, 1.0.20698, , ame, 
Trojan.Runner, C:\Systemsolumsnformation\gamepatch, En cuarentena, 3600, 775093, , , , 
Trojan.Runner, C:\SYSTEMSOLUMSNFORMATION, En cuarentena, 3600, 775093, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer, En cuarentena, 5091, 787643, , , , 
PUP.Optional.OnlineIO.E, C:\PROGRAM FILES (X86)\ADVANCEDWINDOWSMANAGER, En cuarentena, 5091, 787643, 1.0.20698, , ame, 
Trojan.Agent.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\ca0118b4-75d5-4863-ab4a-00163b48f283, En cuarentena, 3719, 701070, 1.0.20698, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Guest Profile\Extensions\hnigmaekijecandkailhnklknockjdpd, En cuarentena, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\Extensions\hnigmaekijecandkailhnklknockjdpd, En cuarentena, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\System Profile\Extensions\hnigmaekijecandkailhnklknockjdpd, En cuarentena, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\HNIGMAEKIJECANDKAILHNKLKNOCKJDPD, En cuarentena, 15040, 784086, 1.0.20698, , ame, 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\2T3AVTYNBL, En cuarentena, 3715, 357599, 1.0.20698, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\EXTENSIONS\PBNEIECBHIKJAPOIHJPEMFMPAALKAFKH, En cuarentena, 1811, 443121, 1.0.20698, , ame, 
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ROUND-COM, En cuarentena, 14962, 444932, 1.0.20698, , ame, 
PUP.Optional.SonicSearch, C:\USERS\NICO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\LevelDB, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Sync Data\LevelDB, En cuarentena, 426, 519968, , , , 
PUP.Optional.Linkury.Generic, C:\USERS\NICO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 204, 454805, , , , 
PUP.Optional.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 204, 454805, , , , 
PUP.Optional.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\LevelDB, En cuarentena, 204, 454805, , , , 
PUP.Optional.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Sync Data\LevelDB, En cuarentena, 204, 454805, , , , 

Archivo: 138
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, En cuarentena, 3695, 391425, , , , 
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, En cuarentena, 3695, 391425, , , , 
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, En cuarentena, 918, 259512, 1.0.20698, , ame, 
Adware.OnlineIO, C:\ProgramData\Microleaves\Online Application\updates\basic_updates.aiu, En cuarentena, 1313, 399763, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\trz79C7.tmp, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, En cuarentena, 1313, 716213, , , , 
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, En cuarentena, 1313, 716213, , , , 
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En cuarentena, 3695, 391431, 1.0.20698, , ame, 
Trojan.Runner, C:\Systemsolumsnformation\gamepatch\config.ini, En cuarentena, 3600, 775093, , , , 
Trojan.Runner, C:\Systemsolumsnformation\gamepatch\yuregf.exe, En cuarentena, 3600, 775093, , , , 
Trojan.Runner, C:\Systemsolumsnformation\icafe8.ini, En cuarentena, 3600, 775093, , , , 
Trojan.Runner, C:\Systemsolumsnformation\rungame.bat, En cuarentena, 3600, 775093, , , , 
Trojan.Runner, C:\Systemsolumsnformation\rungame.exe, En cuarentena, 3600, 775093, , , , 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, En cuarentena, 3756, 404862, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\MD.XML, En cuarentena, 3756, 404866, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\NOAH.DAT, En cuarentena, 3756, 404865, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\AGENT.DAT, En cuarentena, 3756, 404872, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\Doubletinit.tst, En cuarentena, 3756, 404871, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\Fresh-La.tst, En cuarentena, 3756, 404871, 1.0.20698, , ame, 
Adware.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\MAIN.DAT, En cuarentena, 3756, 442900, 1.0.20698, , ame, 
Trojan.Agent.TskLnk, C:\USERS\USUARIO\APPDATA\ROAMING\LIB\TSKSCHD.EXE, En cuarentena, 1322, 480930, 1.0.20698, , ame, 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\autoupdate.exe, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1a1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1a1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1b1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1b1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1c1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1c1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1c2.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1c2.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1d1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1d1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1e1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1e1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1e2.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1e2.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1g1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1g1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1g2.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1g2.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1h1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1h1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1h2.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1h2.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1i1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1i1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1j1.bin, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\Data1j1.bin2, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\dpools.txt, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\dpools_sia.txt, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\epools.txt, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\epools_etc.txt, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\libcurl.dll, En cuarentena, 1322, 480930, , , , 
Trojan.Agent.TskLnk, C:\Users\Usuario\AppData\Roaming\Lib\ntskrnl.exe, En cuarentena, 1322, 480930, , , , 
Trojan.Agent, C:\USERS\USUARIO\APPDATA\LOCAL\APPLICATIONHOSTING.DAT, En cuarentena, 489, 712640, 1.0.20698, , ame, 
Adware.Linkury, C:\USERS\USUARIO\APPDATA\LOCAL\installer.dat, En cuarentena, 423, 715618, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, C:\PROGRAM FILES (X86)\ADVANCEDWINDOWSMANAGER\WINDOWS INSTALLER\WINDOWS UPDATER.INI, En cuarentena, 5091, 787643, 1.0.20698, , ame, 
PUP.Optional.OnlineIO.E, C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Uninstall.lnk, En cuarentena, 5091, 787643, , , , 
PUP.Optional.OnlineIO.E, C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\Windows Updater.exe, En cuarentena, 5091, 787643, , , , 
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En cuarentena, 423, 715618, 1.0.20698, , ame, 
Trojan.Agent.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\ca0118b4-75d5-4863-ab4a-00163b48f283\updatewin1.exe, En cuarentena, 3719, 701070, 1.0.20698, , ame, 
Trojan.Agent.Generic, C:\Users\Usuario\AppData\Local\ca0118b4-75d5-4863-ab4a-00163b48f283\5.exe, En cuarentena, 3719, 701070, , , , 
Trojan.Agent.Generic, C:\Users\Usuario\AppData\Local\ca0118b4-75d5-4863-ab4a-00163b48f283\updatewin.exe, En cuarentena, 3719, 701070, , , , 
Trojan.Agent.Generic, C:\Users\Usuario\AppData\Local\ca0118b4-75d5-4863-ab4a-00163b48f283\updatewin2.exe, En cuarentena, 3719, 701070, , , , 
Trojan.Agent, C:\USERS\USUARIO\APPDATA\LOCAL\LOBBY.DAT, En cuarentena, 489, 712637, 1.0.20698, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Guest Profile\Secure Preferences, Sustituido, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\System Profile\Secure Preferences, Sustituido, 15040, 784086, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\HNIGMAEKIJECANDKAILHNKLKNOCKJDPD\1.0.0.0_0\MANIFEST.JSON, En cuarentena, 15040, 784086, 1.0.20698, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, En cuarentena, 15040, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, En cuarentena, 15040, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\NICO\NTUSER.POL, En cuarentena, 15040, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\NTUSER.POL, En cuarentena, 15040, -1, 0.0.0, , action, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\GUEST PROFILE\EXTENSIONS\HNIGMAEKIJECANDKAILHNKLKNOCKJDPD\1.0.0.0_0\MANIFEST.JSON, En cuarentena, 15040, 784086, 1.0.20698, , ame, 
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\2T3AVTYNBL\CAST.CONFIG, En cuarentena, 3715, 357599, 1.0.20698, , ame, 
Adware.Tuto4PC.Generic, C:\Program Files\2T3AVTYNBL\2T3AVTYNB.exe.config, En cuarentena, 3715, 357599, , , , 
Adware.Tuto4PC.Generic, C:\Program Files\2T3AVTYNBL\uninstaller.exe, En cuarentena, 3715, 357599, , , , 
Adware.Tuto4PC.Generic, C:\Program Files\2T3AVTYNBL\uninstaller.exe.config, En cuarentena, 3715, 357599, , , , 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\EXTENSIONS\HNIGMAEKIJECANDKAILHNKLKNOCKJDPD\1.0.0.0_0\MANIFEST.JSON, En cuarentena, 15040, 784086, 1.0.20698, , ame, 
Adware.Linkury.TskLnk, C:\USERS\USUARIO\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14962, 444923, 1.0.20698, , ame, 
PUP.Optional.BookHelper.ChrPRST, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\SYSTEM PROFILE\EXTENSIONS\HNIGMAEKIJECANDKAILHNKLKNOCKJDPD\1.0.0.0_0\MANIFEST.JSON, En cuarentena, 15040, 784086, 1.0.20698, , ame, 
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14962, 444922, 1.0.20698, , ame, 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\Preferences, Sustituido, 1811, 443121, , , , 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\EXTENSIONS\PBNEIECBHIKJAPOIHJPEMFMPAALKAFKH\13.901.16.34359_0\MANIFEST.JSON, En cuarentena, 1811, 443121, 1.0.20698, , ame, 
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ROUND-COM\INSTALLATIONCONFIGURATION.XML, En cuarentena, 14962, 444932, 1.0.20698, , ame, 
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Round-Com\uninstall.dat, En cuarentena, 14962, 444932, , , , 
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Round-Com\uninstall.ico, En cuarentena, 14962, 444932, , , , 
PUP.Optional.MindSpark.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\PROFILE 3\EXTENSIONS\PBNEIECBHIKJAPOIHJPEMFMPAALKAFKH\13.901.16.34359_0\CONFIG\CONFIG.JSON, En cuarentena, 1811, 456842, 1.0.20698, , ame, 
PUP.Optional.BundleInstaller, C:\USERS\USUARIO\DOWNLOADS\UTORRENT.EXE, En cuarentena, 503, 790622, 1.0.20698, , ame, 
Adware.Linkury, C:\USERS\USUARIO\APPDATA\LOCAL\X-SOFT.BIN, En cuarentena, 423, 504848, 1.0.20698, , ame, 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000637.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000639.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000641.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000643.log, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000644.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000147.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000149.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000151.log, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000152.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000005.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000876.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000879.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000882.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000883.log, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\000884.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\CURRENT, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOCK, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOG, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\LOG.old, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\000005.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\000008.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\000010.log, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\000011.ldb, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\CURRENT, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\LOCK, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\LOG, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\LOG.old, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 426, 519968, , , , 
PUP.Optional.SonicSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Web Data, Sustituido, 426, 519968, 1.0.20698, , ame, 
PUP.Optional.SonicSearch, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\Web Data, Sustituido, 426, 519968, 1.0.20698, , ame, 
PUP.Optional.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 2\Web Data, Sustituido, 204, 454805, 1.0.20698, , ame, 
PUP.Optional.Linkury.Generic, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 3\Web Data, Sustituido, 204, 454805, 1.0.20698, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build:    03-03-2020
# Database: 2020-03-02.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-14-2020
# Duration: 00:00:27
# OS:       Windows 7 Professional
# Cleaned:  35
# Failed:   3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\LighteningPlayer
Deleted       C:\Program Files (x86)\Seed Trade
Deleted       C:\ProgramData\TSR7Settings
Deleted       C:\ProgramData\rvlkl
Deleted       C:\Users\Usuario\AppData\Roaming\LighteningPlayer

***** [ Files ] *****

Deleted       C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightening Media Player.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PetGame
Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Classes\Interface\{23387882-DEAA-4971-2222-5D5046F2B3BB}
Deleted       HKLM\Software\LighteningPlayer
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\WIFIService
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted       HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       AVG Secure Search
Deleted       AVG Secure Search
Deleted       Web Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted       findit
Deleted       findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1226981B-111F-4430-8C59-3F382C1CF52A}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1226981B-111F-4430-8C59-3F382C1CF52A}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted       Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Not Deleted   Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT
Not Deleted   Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted   Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4892 octets] - [14/03/2020 11:18:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by Usuario (Administrator) on 14/03/2020 at 11:34:10,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9 

Successfully deleted: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\extensions\staged (Folder) 
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YMXONAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MF62G72 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2GR7EWN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQC20FP6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YMXONAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6MF62G72 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2GR7EWN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQC20FP6 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/03/2020 at 11:36:43,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 08-03-2020
Ejecutado por Usuario (administrador) sobre DELL-VOSTRO (Dell Inc. Vostro 270) (14-03-2020 11:37:30)
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario (Perfiles disponibles: Usuario & Nico)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Hi-Rez Studios) [Archivo no firmado] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Archivo no firmado] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe
(Qualcomm Atheros -> Atheros) [Archivo no firmado] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PTIM.exe] => C:\Program Files (x86)\Webex\Webex\Applications\PTIM.exe [980536 2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22256824 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02D0BB4D-0E27-432D-99D5-24729F5D2E02} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1693CBB7-D29F-4FCC-9B3C-5C0EDD167980} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
Task: {1ADFA368-2986-4EE0-8391-A45ABCFF1259} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3CDB8657-87A0-4653-BE16-97771A631488} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-12-10] (Adobe Inc. -> Adobe)
Task: {42613655-EDBD-48AE-BDF5-0C3B51E34B0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49252CFE-D7F9-43CE-BA5B-FE438E491689} - \{CCD454BD-8E6E-41F1-908C-C5D650548A25} -> Ningún archivo <==== ATENCIÓN
Task: {49DD752A-ED21-4936-9158-BC3888A623D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {59D65E5A-F24F-484E-A772-5AFD54324711} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {69252A98-2C83-4B5C-9C22-C7483D3F0454} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D8AEAAF-45E7-4A07-9309-BFC26A892F52} - System32\Tasks\MAGIX PC Check & Tuning 2019 => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2019\PCCT.exe [2467912 2018-06-01] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {708A9341-8367-4E20-8117-97CFF448CE10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {759E41D6-CB6B-4C40-BCD9-704B3A72E018} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8752A25E-CC84-4ED5-92DB-8884D095BA28} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B25197F-A42A-4FAA-94E5-AA4514BF0AA2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B145DDBE-734D-4486-8555-98DD94255523} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB38A584-9CA6-4722-A163-BD5390BBD8C6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE52C434-B381-4C56-BB6A-DA768F250B76} - System32\Tasks\Opera scheduled Autoupdate 1530899013 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe
Task: {CFB60E38-2B0D-4A40-AF8D-52A1A9B5AE22} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D020891C-0C48-4D38-8A68-EDE69B8B8A28} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F42C73D7-872F-468F-BDD1-148FCBC690A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\MAGIX PC Check & Tuning 2019.job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2019\PCCT.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0969E554-C934-457F-9954-47ED61A5F671}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{28381E95-E6C6-409E-9CDF-00816982DE9A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\Webex\Webex\Applications\ptonecli.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: b9v9y4lq.default-1573492938078
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 [2020-03-14]
FF NewTab: Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078 -> about:newtab
FF Extension: (BTRoblox - Making Roblox Better) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\[email protected] [2020-03-12]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\[email protected] [2020-03-12]
FF Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\[email protected] [2020-03-12]
FF Extension: (Fortnite Stats) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\Extensions\{23836774-0924-4977-8f2d-43c223f18533}.xpi [2020-03-06]
FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\b9v9y4lq.default-1573492938078\searchplugins\google-avast.xml [2019-12-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [Ningún archivo]
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [Ningún archivo]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-12-10] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Archivo no firmado]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin HKU\S-1-5-21-3262702676-2008184811-2743962151-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Usuario\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-08-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Usuario\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-03-18]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2020-03-13]
CHR HomePage: Default -> hxxp://www.google.com.uy/
CHR StartupUrls: Default -> "hxxp://www.google.com.uy/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-24]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (Cisco Webex Extension) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-03-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-19]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-13]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-14]
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-24]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-03-13]
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-24]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-24]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-24]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-24]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-24]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3 [2020-03-13]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-01]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-01]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-01]
CHR Extension: (Google Optimize) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bhdplaindhdkiflmbfbciehdccfhegci [2019-11-16]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-04]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-11-04]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-29]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-01]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-01]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-18]
CHR Extension: (Gatos Wallpapers HD Gatos New Tab) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkbdeejidffdchjpmifgfgacikbacpge [2019-05-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (DOM Destroyer) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npcfmcgpbcnkmfpjibbhmmpmknlobkpb [2019-06-17]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-03]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4 [2020-03-14]
CHR Notifications: Profile 4 -> hxxps://web.skype.com
CHR StartupUrls: Profile 4 -> "hxxp://www.google.com/"
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-19]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-19]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-19]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-19]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Roblox+) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jfbnmfgkohlfclfnplnlenbalpppohkm [2020-03-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-08]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-13]

Opera: 
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\dljmpahjdmlcmopgciohdemghjmdfdbn [2018-09-16]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8413472 2020-02-05] (BattlEye Innovations e.K. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [244280 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3339824 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-14] (Dell Technologies Inc. -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1357\DSAPI.exe [964592 2020-01-29] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-01-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [Archivo no firmado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Archivo no firmado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-14] (Malwarebytes Inc -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-18] (Logitech Inc -> Logitech)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [50648 2020-01-14] (Dell Inc. -> Dell Inc.)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [144440 2019-03-14] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-10-25] (Qualcomm Atheros -> Atheros) [Archivo no firmado]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-08] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2811904 2012-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-02-04] (Bluestack Systems, Inc -> Bluestack System Inc. )
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2019-05-21] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2019-05-21] (Techporch Incorporated -> Dell Computer Corporation)
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [107784 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [38216 2020-01-16] (GridinSoft, LLC -> GridinSoft LLC)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-14 11:37 - 2020-03-14 11:40 - 000034546 _____ C:\Users\Usuario\Desktop\FRST.txt
2020-03-14 11:36 - 2020-03-14 11:36 - 000002016 _____ C:\Users\Usuario\Desktop\JRT.txt
2020-03-14 11:33 - 2020-03-14 11:33 - 000004655 _____ C:\Users\Usuario\Desktop\AdwCleaner[C00].txt
2020-03-14 11:17 - 2020-03-14 11:20 - 000000000 ____D C:\AdwCleaner
2020-03-14 11:14 - 2020-03-14 11:14 - 000028935 _____ C:\Users\Usuario\Desktop\MBAB.txt
2020-03-14 10:35 - 2020-03-14 10:35 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-14 10:35 - 2020-03-14 10:35 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-14 10:35 - 2020-03-14 10:35 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2020-03-14 10:35 - 2020-03-14 10:35 - 000000000 ____D C:\Users\Usuario\AppData\Local\cache
2020-03-14 10:35 - 2020-03-14 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-14 10:34 - 2020-03-14 10:34 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-14 10:34 - 2020-03-14 10:34 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-14 10:31 - 2020-03-14 10:31 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-14 10:30 - 2020-03-14 10:30 - 000162294 _____ C:\Users\Usuario\Desktop\cc_20200314_103030.reg
2020-03-14 10:24 - 2020-03-14 11:26 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-14 10:24 - 2020-03-14 10:24 - 000002818 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-14 10:24 - 2020-03-14 10:24 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-14 10:24 - 2020-03-14 10:24 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-03-14 10:24 - 2020-03-14 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-14 10:24 - 2020-03-14 10:24 - 000000000 ____D C:\Program Files\CCleaner
2020-03-14 10:17 - 2020-03-14 10:17 - 008199856 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.0.3 (1).exe
2020-03-14 10:17 - 2020-03-14 10:17 - 001790024 _____ (Malwarebytes) C:\Users\Usuario\Desktop\JRT.exe
2020-03-14 10:16 - 2020-03-14 10:16 - 022195736 _____ (Piriform Software Ltd) C:\Users\Usuario\Desktop\ccsetup564.exe
2020-03-14 10:16 - 2020-03-14 10:16 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Desktop\MBSetup (1).exe
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-13 00:13 - 2020-03-13 00:13 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2020-03-13 00:11 - 2020-03-13 00:26 - 000031365 _____ C:\Users\Usuario\Desktop\Fixlog.txt
2020-03-13 00:02 - 2020-03-13 00:02 - 000000266 _____ C:\DelFix.txt
2020-03-13 00:02 - 2020-03-13 00:02 - 000000000 ____D C:\Windows\ERUNT
2020-03-13 00:01 - 2020-03-13 00:01 - 000797760 _____ C:\Users\Usuario\Desktop\delfix.exe
2020-03-12 02:20 - 2020-03-12 02:20 - 008199856 _____ (Malwarebytes) C:\Users\Usuario\Downloads\adwcleaner_8.0.3.exe
2020-03-12 01:50 - 2020-03-12 01:53 - 000068047 _____ C:\Users\Usuario\Desktop\Addition0.txt
2020-03-12 01:47 - 2020-03-14 11:39 - 000000000 ____D C:\FRST
2020-03-12 01:47 - 2020-03-12 01:53 - 000063229 _____ C:\Users\Usuario\Desktop\FRST0.txt
2020-03-12 01:46 - 2020-03-12 01:46 - 002279936 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2020-03-12 01:23 - 2020-03-12 01:23 - 001928352 _____ (Malwarebytes) C:\Users\Usuario\Downloads\MBSetup.exe
2020-03-12 01:20 - 2020-03-12 01:20 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Usuario\Downloads\iExplore.exe
2020-03-12 00:03 - 2020-03-12 00:03 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-12 00:03 - 2020-03-12 00:03 - 000002003 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-03-11 04:58 - 2020-03-08 04:51 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-08 10:47 - 2020-03-08 10:47 - 000036964 _____ C:\Users\Usuario\Downloads\Documento sin título(8).pdf
2020-03-08 04:51 - 2020-03-08 04:51 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-08 04:51 - 2020-03-08 04:51 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-07 20:14 - 2020-03-07 20:14 - 000022240 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_1464241266525010.dll
2020-03-06 14:21 - 2020-03-06 14:21 - 000000000 ____D C:\Users\Usuario\AppData\Local\pokemon2
2020-03-06 13:52 - 2020-03-06 13:52 - 000000222 _____ C:\Users\Usuario\Desktop\Trove.url
2020-03-05 20:03 - 2020-03-05 20:03 - 000116892 _____ C:\Users\Usuario\Downloads\Documento sin título(7).pdf
2020-03-05 19:50 - 2020-03-05 19:50 - 000022115 _____ C:\Users\Usuario\Downloads\Tabla de horarios.pdf
2020-03-04 20:48 - 2020-03-04 20:48 - 000000000 ____D C:\Users\Usuario\AppData\Local\Darwin
2020-03-02 13:11 - 2020-03-02 13:11 - 000000000 ____D C:\Users\Usuario\AppData\Local\WB Games
2020-03-01 19:18 - 2020-03-01 19:24 - 1741824497 ____R C:\Users\Usuario\Downloads\Dragon.ball.super.broly.2018.1080p-dual-lat-cinecalidad.to.mp4
2020-03-01 11:56 - 2016-09-30 00:02 - 000000000 ____D C:\Users\Usuario\Desktop\YoutubersLife
2020-03-01 10:49 - 2020-03-01 10:49 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\U-Play online
2020-03-01 10:45 - 2020-03-01 10:45 - 000000000 ____D C:\Users\Usuario\Documents\U-Play online
2020-03-01 10:21 - 2020-03-01 10:21 - 001573568 _____ C:\Users\Usuario\Downloads\SteamSetup(2).exe
2020-02-28 16:17 - 2020-02-28 16:33 - 000000000 ____D C:\ProgramData\BadlionClient
2020-02-28 16:17 - 2020-02-28 16:17 - 000000000 ____D C:\Users\Usuario\AppData\Local\badlion-client-updater
2020-02-28 16:15 - 2020-03-07 09:50 - 000000000 ____D C:\Program Files\Badlion Client
2020-02-27 11:58 - 2020-02-27 11:58 - 000820111 _____ C:\Users\Usuario\Downloads\LabyMod3_Installer.jar
2020-02-25 21:06 - 2020-03-01 19:25 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\uTorrent
2020-02-25 21:06 - 2020-02-25 21:06 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-02-24 13:22 - 2020-02-24 13:22 - 002031012 _____ C:\Users\Usuario\Downloads\OptiFine_1.8.0.jar
2020-02-23 14:38 - 2020-02-23 14:38 - 000000000 ____D C:\Users\Nico\AppData\Roaming\CC
2020-02-23 14:35 - 2020-02-23 14:35 - 000000000 ____D C:\Users\Nico\AppData\Local\UniSDK
2020-02-23 14:27 - 2020-02-23 14:27 - 000000222 _____ C:\Users\Nico\Desktop\CreativeDestruction.url
2020-02-22 18:46 - 2020-02-22 18:46 - 053662069 _____ C:\Users\Usuario\Downloads\PokeGalaxia V3.1.zip
2020-02-17 19:30 - 2020-02-17 19:30 - 000022240 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_370055763445664.dll
2020-02-15 16:10 - 2020-02-15 16:10 - 000000067 _____ C:\Users\Nico\Desktop\contra seba.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-14 11:32 - 2018-01-24 10:39 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles
2020-03-14 11:26 - 2018-01-24 09:58 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-14 11:24 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\registration
2020-03-14 11:23 - 2019-01-16 04:55 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-14 11:23 - 2018-02-23 19:29 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2020-03-14 11:23 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-14 11:20 - 2018-01-24 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-03-14 11:11 - 2009-07-14 01:45 - 000548584 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-14 11:09 - 2019-05-19 15:43 - 000002341 _____ C:\Users\Usuario\Desktop\Nicolas - Chrome.lnk
2020-03-14 11:09 - 2019-03-24 23:48 - 000002341 _____ C:\Users\Usuario\Desktop\Bravo - Chrome.lnk
2020-03-14 11:09 - 2019-03-24 22:50 - 000002341 _____ C:\Users\Usuario\Desktop\Primer usuario - Chrome.lnk
2020-03-14 11:08 - 2019-12-11 00:10 - 000000000 ____D C:\Users\Nico
2020-03-14 11:08 - 2019-02-17 21:26 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Lib
2020-03-14 11:08 - 2018-01-24 09:06 - 000000000 ____D C:\Users\Usuario
2020-03-14 10:34 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-03-14 10:28 - 2018-12-30 20:55 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\uTorrent
2020-03-14 10:28 - 2018-01-24 22:06 - 000000000 ____D C:\Program Files (x86)\Steam
2020-03-14 10:27 - 2019-01-17 09:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2020-03-14 10:27 - 2018-07-12 21:09 - 000000000 ____D C:\Windows\Minidump
2020-03-14 10:27 - 2018-01-24 05:03 - 000000000 ____D C:\Windows\Panther
2020-03-14 10:00 - 2019-01-16 04:58 - 000004146 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:58 - 000003814 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:58 - 000003798 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:57 - 000003738 _____ C:\Windows\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:57 - 000003738 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:57 - 000003730 _____ C:\Windows\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:57 - 000003554 _____ C:\Windows\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2019-01-16 04:57 - 000003494 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-03-14 10:00 - 2018-01-24 09:58 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-03-13 00:43 - 2018-02-20 20:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-03-13 00:11 - 2009-07-14 00:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2020-03-12 20:55 - 2018-02-20 20:24 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2020-03-12 15:44 - 2019-06-06 19:24 - 000001138 _____ C:\Users\Usuario\Desktop\Roblox Studio.lnk
2020-03-12 15:44 - 2018-11-22 20:55 - 000001319 _____ C:\Users\Usuario\Desktop\Roblox Player.lnk
2020-03-12 15:44 - 2018-09-17 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2020-03-12 03:07 - 2018-01-24 10:05 - 000000000 ____D C:\Windows\system32\MRT
2020-03-12 03:02 - 2019-03-24 23:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-03-12 03:02 - 2018-01-24 10:05 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-12 00:18 - 2018-01-24 23:15 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-03-12 00:08 - 2018-07-13 20:42 - 000000000 ____D C:\Users\Usuario\AppData\Local\AVAST Software
2020-03-11 12:59 - 2018-01-24 09:58 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-09 19:51 - 2019-10-20 11:58 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\.minecraft
2020-03-08 04:51 - 2019-02-19 22:12 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-08 04:51 - 2018-10-22 16:25 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-08 04:51 - 2018-01-24 09:58 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-08 04:50 - 2019-01-17 09:31 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-08 04:50 - 2019-01-17 08:59 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-08 04:50 - 2018-01-24 09:58 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-08 04:50 - 2018-01-24 09:58 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-07 09:53 - 2019-10-19 20:52 - 000000000 ____D C:\Program Files (x86)\Wizards of the Coast
2020-03-07 09:50 - 2019-08-31 15:51 - 000000000 ____D C:\Users\Usuario\Documents\Wondershare Filmora 9
2020-03-06 14:21 - 2018-02-23 15:59 - 000000000 ____D C:\Users\Usuario\AppData\Local\UnrealEngine
2020-03-04 20:48 - 2018-02-23 19:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\EasyAntiCheat
2020-03-02 09:32 - 2019-05-24 21:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\BitTorrentHelper
2020-03-01 19:28 - 2011-01-22 07:50 - 000747396 _____ C:\Windows\system32\perfh00A.dat
2020-03-01 19:28 - 2011-01-22 07:50 - 000158868 _____ C:\Windows\system32\perfc00A.dat
2020-03-01 19:28 - 2009-07-14 02:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-26 14:14 - 2019-12-16 10:40 - 000002162 _____ C:\Users\Nico\Desktop\Discord.lnk
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Discord
2020-02-26 14:14 - 2019-12-16 10:40 - 000000000 ____D C:\Users\Nico\AppData\Local\Discord
2020-02-24 22:40 - 2018-01-24 09:54 - 000165648 _____ C:\Users\Usuario\AppData\Local\GDIPFONTCACHEV1.DAT
2020-02-24 22:12 - 2018-01-25 00:00 - 000000000 ____D C:\Program Files (x86)\Minecraft
2020-02-23 14:27 - 2019-12-18 21:46 - 000000000 ____D C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-02-23 14:11 - 2019-12-11 00:10 - 000000000 __SHD C:\Users\Nico\IntelGraphicsProfiles
2020-02-22 12:30 - 2019-01-17 11:43 - 005604984 _____ () C:\Users\Usuario\Desktop\TechnicLauncher.exe
2020-02-22 12:29 - 2018-02-13 13:53 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\.technic
2020-02-19 17:30 - 2019-12-16 07:21 - 000000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2020-02-15 20:50 - 2019-12-24 16:55 - 000000000 ____D C:\Users\Nico\AppData\Roaming\obs-studio
2020-02-14 17:07 - 2019-12-11 21:10 - 000000000 ____D C:\Users\Nico\AppData\Roaming\.minecraft
2020-02-13 19:22 - 2019-12-11 00:11 - 000000000 ____D C:\Users\Nico\AppData\Local\UnrealEngine

==================== Archivos en la raíz de algunos directorios ========

2019-01-09 23:00 - 2019-01-09 23:00 - 038235304 _____ () C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe
2019-12-01 07:37 - 2019-12-01 07:37 - 000000505 _____ () C:\Users\Usuario\AppData\Roaming\Microsoft\config.ini
2019-12-01 07:37 - 2019-12-01 07:37 - 000000562 _____ () C:\Users\Usuario\AppData\Local\bowsakkdestx.txt
2019-12-01 07:37 - 2019-12-01 07:37 - 000069888 _____ () C:\Users\Usuario\AppData\Local\Config.xml
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Doubletinit.exe
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Fresh-La.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-03-08 00:45
==================== Final de FRST.txt ========================

Addition.txt

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 08-03-2020
Ejecutado por Usuario (14-03-2020 11:40:27)
Ejecutado desde C:\Users\Usuario\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-01-24 12:06:31)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3262702676-2008184811-2743962151-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3262702676-2008184811-2743962151-1004 - Limited - Enabled)
Invitado (S-1-5-21-3262702676-2008184811-2743962151-501 - Limited - Disabled)
Nico (S-1-5-21-3262702676-2008184811-2743962151-1005 - Limited - Enabled) => C:\Users\Nico
Usuario (S-1-5-21-3262702676-2008184811-2743962151-1000 - Administrator - Enabled) => C:\Users\Usuario

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
Actualización de NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco Webex LLC)
Cisco Webex Meetings Desktop App (HKLM-x32\...\{F0083ED2-0FF2-4BAD-9D30-BD5A28BCBEF8}) (Version: 39.1.6.4 - Cisco Webex LLC)
Configuración de cámara Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Creator 1.3.6 x64 (HKLM-x32\...\{30B53D11-E948-47C0-9D9D-9550C2518185}_is1) (Version: 1.3.6 - Aumentaty S.L.)
Dell SupportAssist (HKLM\...\{B7682259-63F5-42FA-933B-ACD343CF7049}) (Version: 3.4.1.49 - Dell Inc.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Discord (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{D19DBA3B-7451-49DB-98C4-E22F824663D9}) (Version: 1.1.220.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 6.0.2.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
IHMC CmapTools v6.03 (HKLM-x32\...\IHMC CmapTools v6.03) (Version: 6.0.3.0 - Institute for Human & Machine Cognition)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{75299AB0-6BC8-435F-8D62-AA1DDEA1EF2F}) (Version: 7.5.2 - Intel Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Magic The Gathering Online  (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\0f5c6e93bfc3614a) (Version: 3.4.112.4020 - Wizards of the Coast, LLC)
MAGIX PC Check & Tuning 2019 (HKLM-x32\...\PC Check Tuning 2019_is1) (Version: 2.7.0.56 - MAGIX Software GmbH)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft .NET Core SDK 2.1.300 - rc1 (x64) (HKLM-x32\...\{0d537e00-ebc0-43ff-91e0-8fcb67ec2721}) (Version: 2.1.300.8673 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Launcher (HKLM-x32\...\{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
NVIDIA Controlador de 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
OpenOffice 4.1.4 (HKLM-x32\...\{BC30EC57-E62C-4868-84DC-25ABC3E4F891}) (Version: 4.14.9788 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5.2 - Alessandro Portale)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
Roblox Player (HKLM-x32\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Usuario (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\roblox-studio) (Version:  - Roblox Corporation)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TL-WN725N_WN723N Controlador (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\ZoomUMX) (Version: 4.4 - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} =>  -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} =>  -> Ningún archivo
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} =>  -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Módulos cargados (Lista blanca) =============

2018-01-24 11:01 - 2012-10-25 00:55 - 000439296 ____N (Atheros) [Archivo no firmado] C:\Windows\system32\athihvs.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-01-13 07:04 - 2020-01-13 07:04 - 001899008 _____ (SQLite Development Team) [Archivo no firmado] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\...\Skype.com -> hxxps://Skype.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2020-03-13 00:17 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupreg: Discord => C:\Users\Usuario\AppData\Local\Discord\app-0.0.305\Discord.exe
MSCONFIG\startupreg: gtarcade => "C:\Users\Usuario\AppData\Local\Gtarcade\app\gtarcade.exe"   /game_id=39 /startgame=TGVhZ3VlIG9mIEFuZ2Vscw==
MSCONFIG\startupreg: McAfeeSafeConnect => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe isAutoLaunch
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe Ningún archivo
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe Ningún archivo
FirewallRules: [TCP Query User{F6712459-AFE1-44D2-B7EB-FDA7217607A1}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{AAC9A205-FF39-4C67-AC29-FE53294862F2}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe

==================== Puntos de Restauración =========================

12-03-2020 02:46:19 Punto de control programado
12-03-2020 03:00:10 Windows Update
14-03-2020 11:19:43 AdwCleaner_BeforeCleaning_14/03/2020_11:19:42
14-03-2020 11:34:11 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/14/2020 11:24:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (03/14/2020 11:14:17 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/14/2020 11:14:17 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/14/2020 11:14:17 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: No se puede inicializar el objeto Recopilador.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/14/2020 11:14:17 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.TripoliIndexer>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	No se ha encontrado el elemento.  (HRESULT : 0x80070490) (0x80070490)

Error: (03/14/2020 11:14:11 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: No se puede inicializar el complemento <Search.JetPropStore>.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/14/2020 11:14:10 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: El servicio Windows Search no puede cargar la información del almacén de propiedades.

Contexto: aplicación Windows, catálogo SystemIndex

Detalles:
	La base de datos del índice de contenido está dañada.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/14/2020 11:14:10 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: El servicio Windows Search se está deteniendo porque hay un problema con el indizador: The catalog is corrupt.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


Errores del sistema:
=============
Error: (03/14/2020 11:24:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: El servicio Dell Client Management Service no respondió después de iniciar.

Error: (03/14/2020 11:22:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Protección de software no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.

Error: (03/14/2020 11:22:01 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio sppsvc no se pudo iniciarse como NT AUTHORITY\NetworkService con la contraseña configurada actualmente debido al siguiente error: 
Solicitud no compatible.


Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (03/14/2020 11:22:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Adaptador de rendimiento de WMI no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio debido a un error en el inicio de sesión.

Error: (03/14/2020 11:22:01 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: El servicio wmiApSrv no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: 
Solicitud no compatible.


Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).

Error: (03/14/2020 11:21:56 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\athihvs.dll

Error: (03/14/2020 11:21:56 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\athihvs.dll

Error: (03/14/2020 11:21:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\Windows\system32\athihvs.dll


==================== Información de la memoria =========================== 

BIOS: Dell Inc. A05 07/26/2012
Placa base: Dell Inc. 084J0R
Procesador: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Porcentaje de memoria en uso: 47%
RAM física total: 8066.04 MB
RAM física disponible: 4230.35 MB
Virtual total: 16130.23 MB
Virtual disponible: 11957.67 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:128.28 GB) NTFS

\\?\Volume{a46b78c3-00fe-11e8-877c-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DDF77231)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

I had previously detected ample evidence of malicious software, but there was always some remnant left that I couldn't remove. Thank you very much for your help. I await instructions for the next steps.

Good… now follow these steps. :arrow_forward: VERY important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Attention: now check/select only the :white_check_mark: Create registry backup box, NOT the other boxes. :face_with_monocle:

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy the code/lines inside the box below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
MSCONFIG\startupreg: McAfeeSafeConnect => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe isAutoLaunch
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {49252CFE-D7F9-43CE-BA5B-FE438E491689} - \{CCD454BD-8E6E-41F1-908C-C5D650548A25} -> Ningún archivo <==== ATENCIÓN
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [Ningún archivo]
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [Ningún archivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-09 23:00 - 2019-01-09 23:00 - 038235304 _____ () C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Doubletinit.exe
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Fresh-La.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (the desktop); otherwise it will not work.

And now start your computer in :arrow_forward: Windows Safe Mode with Networking

  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as Administrator-.)

  • Press the FIX/Corregir button and wait for it to finish.

  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply. :+1:

Restart the computer, check how it behaves with respect to the problem you raised, and let us know.

Regards.

Good evening. I ran the process twice because I couldn't find the log from the first run. I'm attaching the Fixlog from the second time.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 08-03-2020
Ejecutado por Usuario (15-03-2020 00:38:48) Run:3
Ejecutado desde C:\Users\Usuario\Desktop
Perfiles cargados: Usuario (Perfiles disponibles: Usuario & Nico)
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => -> Ningún archivo
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
MSCONFIG\startupreg: McAfeeSafeConnect => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe isAutoLaunch
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
Task: {49252CFE-D7F9-43CE-BA5B-FE438E491689} - \{CCD454BD-8E6E-41F1-908C-C5D650548A25} -> Ningún archivo <==== ATENCIÓN
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [Ningún archivo]
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [Ningún archivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-13 00:38 - 2020-03-14 11:21 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-09 23:00 - 2019-01-09 23:00 - 038235304 _____ () C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Doubletinit.exe
2019-12-01 07:37 - 2019-12-01 07:36 - 001044480 _____ () C:\Users\Usuario\AppData\Local\Fresh-La.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => no encontrado
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => no encontrado
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\GridinSoft Anti-Malware => no encontrado
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => no encontrado
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\GridinSoft Anti-Malware => no encontrado
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => no encontrado
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\GridinSoft Anti-Malware => no encontrado
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => no encontrado
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => no encontrado
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\GridinSoft Anti-Malware => no encontrado
"C:\Users\Public\AppData" => ":CSM" ADS no encontrado.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS no encontrado.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\McAfeeSafeConnect => no encontrado
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => no encontrado
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49252CFE-D7F9-43CE-BA5B-FE438E491689}" => no encontrado
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CCD454BD-8E6E-41F1-908C-C5D650548A25}" => no encontrado
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2 => no encontrado
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6 => no encontrado
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8 => no encontrado
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => movido correctamente
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => movido correctamente
"C:\Users\Usuario\AppData\Roaming\gameboxsetup.exe" => no encontrado
"C:\Users\Usuario\AppData\Local\Doubletinit.exe" => no encontrado
"C:\Users\Usuario\AppData\Local\Fresh-La.exe" => no encontrado
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3262702676-2008184811-2743962151-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows

No se puede realizar ninguna operación en Conexión de red inalámbrica 3 mientras los medios
estén desconectados.
No se puede realizar ninguna operación en Conexión de área local mientras los medios
estén desconectados.

Adaptador de LAN inalámbrica Conexión de red inalámbrica 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:

   Sufijo DNS específico para la conexión. . : 
   Dirección IPv6 . . . . . . . . . . : 2800:a4:3063:a00:54ea:7b3f:ebf2:7780
   Dirección IPv6 temporal. . . . . . : 2800:a4:3063:a00:493b:aba6:ff63:33c1
   Vínculo: dirección IPv6 local. . . : fe80::54ea:7b3f:ebf2:7780%13
   Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.42
   Máscara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::1%13
                                       192.168.1.1

Adaptador de Ethernet Conexión de área local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

Adaptador de túnel isatap.{28381E95-E6C6-409E-9CDF-00816982DE9A}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS específico para la conexión. . : 

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableció correctamente.
Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3087931 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4824 B
Edge => 0 B
Chrome => 21490214 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
Usuario => 209751191 B
Nico => 209751191 B

RecycleBin => 12801 B
EmptyTemp: => 431.5 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 00:40:09 ====

Hello.

Well… the report you posted is NOT of much use… :face_with_raised_eyebrow: If the process is run a second time, the report or the process NO longer finds any items to remove.

To make sure that NOTHING is left hidden somewhere, follow the instructions given in this :arrow_right: ESET Online Scanner manual.

When you finish the process, post the report that will have been generated. :+1:

Regards.
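
An added example, not part of the thread or of FRST: a small Python triage of a Fixlog like the one posted above, separating the entries the fix actually changed from those reported as `no encontrado`, which is what a repeated run mostly yields. The sample lines are constructed in the Fixlog's format, and the function names are hypothetical.

```python
import re
from collections import Counter

# Outcome phrases as printed by the Spanish FRST build in the Fixlog above.
OUTCOMES = {
    "no encontrado": "not_found",
    "eliminado correctamente": "deleted",
    "movido correctamente": "moved",
}
# "<target> => [optional detail] <outcome>[.]"; fixlist echo lines and
# EmptyTemp size lines also contain "=>" but end differently, so they are skipped.
RESULT_RE = re.compile(
    r"^(?P<target>.+?) => .*?(?P<outcome>" + "|".join(OUTCOMES) + r")\.?\s*$"
)
RUN_RE = re.compile(r"\bRun:(\d+)\s*$")  # counter printed in the Fixlog header

# Constructed sample in the format of the Fixlog above (not the full log).
SAMPLE_FIXLOG = r"""
Ejecutado por Usuario (15-03-2020 00:38:48) Run:3
Modo de Inicio: Safe Mode (with Networking)
Error: El punto de restauración solamente puede ser creado en modo normal.
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => no encontrado
"C:\Users\Public\AppData" => ":CSM" ADS no encontrado.
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
"C:\Users\Usuario\AppData\Local\Fresh-La.exe" => no encontrado
BITS transfer queue => 8388608 B
"""


def parse_fixlog(text):
    """Extract header fields, error lines and per-entry outcomes."""
    parsed = {"run": None, "boot_mode": None, "errors": [], "results": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        run = RUN_RE.search(line)
        if run and parsed["run"] is None:
            parsed["run"] = int(run.group(1))
        elif line.startswith("Modo de Inicio:"):
            parsed["boot_mode"] = line.split(":", 1)[1].strip()
        elif line.startswith("Error:"):
            parsed["errors"].append(line[len("Error:"):].strip())
        else:
            m = RESULT_RE.match(line)
            if m:
                target = m.group("target").strip('"')
                parsed["results"].append((target, OUTCOMES[m.group("outcome")]))
    return parsed


def summarize(parsed):
    """Count outcomes and list only the targets the fix really touched."""
    counts = Counter(outcome for _, outcome in parsed["results"])
    total = sum(counts.values())
    return {
        "counts": dict(counts),
        "changed": [t for t, o in parsed["results"] if o != "not_found"],
        "not_found_ratio": counts["not_found"] / total if total else 0.0,
        # The restore point step fails in Safe Mode, as the log above shows.
        "restore_point_failed": any(
            "punto de restauración" in e for e in parsed["errors"]
        ),
    }


if __name__ == "__main__":
    info = parse_fixlog(SAMPLE_FIXLOG)
    report = summarize(info)
    print("Run counter:", info["run"], "| boot mode:", info["boot_mode"])
    print("Outcome counts:", report["counts"])
    print("Changed by this run:")
    for target in report["changed"]:
        print("  ", target)
```

A high `not_found_ratio` means the log documents little of what was removed, so the Fixlog of the earlier run (or a fresh scan) is the one to review.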

Good morning. I'm attaching the ESET Online Scanner report.

26/03/2020 09:24:44 a.m.
Archivos explorados: 572536
Archivos detectados: 22
Archivos desinfectados: 20
Tiempo total de exploración 03:32:02
Estado de la exploración: Finalizado
C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-95d.vpx	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Users\Usuario\AppData\Roaming\.technic\modpacks\planeta-vegette-5\cache\planeta-vegette-5-1.0.zip	HTML/ScrInject.B troyano	eliminado

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_44954.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_44994.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45095.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45146.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45225.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45231.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45271.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45291.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45311.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45341.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45395.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45505.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45574.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.5_45608.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Users\Usuario\Documents\Lucid Swapper V2 [EITAX].rar	una variante de MSIL/Injector.UNP troyano	eliminado

C:\Users\Usuario\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl  Activator  P2P\Microsoft Toolkit.exe	una variante de MSIL/HackKMS.G aplicación potencialmente no segura	desinfectado por eliminación

C:\Users\Usuario\Downloads\Detection.exe	una variante de Win64/SystemRequirementsLab.A aplicación potencialmente no deseada	desinfectado por eliminación

C:\Windows\Installer\5be40e9.msi	Win32/Adware.OnlineIO.B aplicación	desinfectado por eliminación

Perfect @Cafe_Cafe, and how is your computer doing right now…??

It's going much better, luckily. It takes a while to start Windows but it feels much smoother.

Perfect. :+1:

To try to speed up your computer a bit, follow the instructions given in this guide:

:arrow_right: Liberar Espacio en Discos y Particiones (Free Up Space on Disks and Partitions).

Once you have done it a first time, SHUT DOWN the computer completely, turn it back on and repeat the process.

Then check how it works.

Regards.