Virus "browserr . top "

Hola buenas,hoy mismo estaba navegando normalmente cuando avast me manda una notificacion diciendo lo siguiente " Hemos anulado de forma segura la conexion de browserr . top porque estaba infectada con URL:BlackList " Fueron 2 notificaciones pero no ha vuelto a mandarme ninguna notificacion,es algo de lo cual me deba preocupar? Gracias por adelantado.

PD : Tambien pase un escaneo de avast completo pero no aparecio ningun virus ni nada.

Hola @John bienvenido al ForoSpyware

Puede ser que te haya saltado ese aviso al visitar alguna web, pero vamos a ver si tienes infecciones.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado, actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes >> Informe de análisis encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

Hola gracias por responder. Aca esta el scan de Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 15/8/19
Hora del análisis: 14:11
Archivo de registro: 207076ca-bf88-11e9-ba71-7071bcc8825c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.12029
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x86
Sistema de archivos: NTFS
Usuario: Jhonny-PC\Jhonny

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 178710
Amenazas detectadas: 13
Amenazas en cuarentena: 13
Tiempo transcurrido: 6 min, 48 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 13
PUP.Optional.NewTabTV, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, En cuarentena, [342], [359416],1.0.12029
PUP.Optional.NewTabTV, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage-journal, En cuarentena, [342], [359416],1.0.12029
PUP.Optional.NewTabTV, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, En cuarentena, [342], [359410],1.0.12029
PUP.Optional.NewTabTV, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage-journal, En cuarentena, [342], [359410],1.0.12029
PUP.Optional.MindSpark.Generic, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fromdoctopdf.dl.tb.ask.com_0.localstorage, En cuarentena, [1768], [443123],1.0.12029
PUP.Optional.MindSpark.Generic, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fromdoctopdf.dl.tb.ask.com_0.localstorage-journal, En cuarentena, [1768], [443123],1.0.12029
PUP.Optional.FullTab, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fulltab.com_0.localstorage, En cuarentena, [2377], [443392],1.0.12029
PUP.Optional.FullTab, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fulltab.com_0.localstorage-journal, En cuarentena, [2377], [443392],1.0.12029
PUP.Optional.MindSpark.Generic, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fromdoctopdf.dl.myway.com_0.localstorage, En cuarentena, [1768], [443124],1.0.12029
PUP.Optional.MindSpark.Generic, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_fromdoctopdf.dl.myway.com_0.localstorage-journal, En cuarentena, [1768], [443124],1.0.12029
PUP.Optional.FullTab, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage, En cuarentena, [2377], [443391],1.0.12029
PUP.Optional.FullTab, C:\USERS\JHONNY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage-journal, En cuarentena, [2377], [443391],1.0.12029
HackTool.FilePatch, C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\PATCH [BY TECNOTUTOSHD].EXE, En cuarentena, [7650], [281135],1.0.12029

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner: 
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-15-2019
# Duration: 00:00:02
# OS:       Windows 7 Ultimate
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\AvastBrowserAutoLaunch_638DD70E8536A90DA4BEB6720B246B45

***** [ Chromium (and derivatives) ] *****

Deleted       Nueva pestaña y búsqueda de Yahoo
Deleted       Nueva pestaña y búsqueda de Yahoo
Deleted       Nueva pestaña y búsqueda de Yahoo

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1722 octets] - [21/02/2019 13:34:36]
AdwCleaner[C00].txt - [1776 octets] - [21/02/2019 13:35:24]
AdwCleaner[S01].txt - [1722 octets] - [15/08/2019 14:28:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Tambien hay otro que es [S01] Lo pego aca tambien?

Hola

No, ese reporte no hace falta que lo pongas.

Tenías alguna infección en tu equipo, vamos a revisar por si quedara algo más.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Google me dice que el archivo puede ser peligroso aun asi lo descargo?

Hola

No te preocupes, es un falso positivo, puedes descargarlo tranquilamente

Un saludo

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-08-2019
Ran by Jhonny (administrator) on JHONNY-PC (langchao 12345) (15-08-2019 14:57:41)
Running from C:\Users\Jhonny\Downloads
Loaded Profiles: Jhonny (Available Profiles: Jhonny)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(PixArt Imaging Inc. -> PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
(PixArt Imaging Incorporation) [File not signed] C:\Windows\PixArt\PAP7501\PACTray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [GUCI_AVS] => C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [323584 2007-12-10] (PixArt Imaging Inc. -> PixArt Imaging Incorporation)
HKLM\...\Run: [PACTray] => C:\Windows\PixArt\PAP7501\PACTray.exe [319488 2009-06-09] (PixArt Imaging Incorporation) [File not signed]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\Run: [Skype for Desktop] => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\MountPoints2: {d7fb13e6-3314-11e4-996f-7071bcc8825c} - E:\AutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-12-22]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AE6A730-448F-41B9-B3A8-931CAF389387} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {0D86BBE1-4DC3-42E9-8274-BAE253CE6491} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0EAE8D94-9A36-4A78-99A0-FE2356691CC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {12E176A2-6078-42FC-BFB2-49BA6FC42CE7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1695112 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {1A237E6F-2316-4DB8-A1DD-A0A1AFF27CE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe [1452544 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {287B4E9B-7043-474E-AB36-2D05A67DC740} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {353559F9-8E54-44B9-A16C-50B93009B980} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {541F9C1E-6769-4747-B550-DCFF9D5DE569} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {5EDD87AE-85CE-4457-8A32-D9E0DE8ADE36} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {6935A89C-828C-41CE-9F4E-EB282EA9A3E9} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1380232 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {6D23136C-D18D-456D-954A-8FFC1753BFB0} - System32\Tasks\Opera scheduled Autoupdate 1420948219 => C:\Program Files\Opera\launcher.exe
Task: {868BF395-4D4D-45D4-A52B-E6684B4A1B7B} - System32\Tasks\{E3712CA1-E3E0-4E8F-93FF-233DA3E8516B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\3dGirlz\Default\Q3DUnInst.exe" -d "C:\Program Files\3dGirlz\Default"
Task: {878CD114-82F1-49CC-9112-BD3E2579B7D2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3228552 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {908FD9AB-E922-4051-B1CC-F747F10B5B41} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {986601B4-079C-4115-A688-4482E7B43301} - System32\Tasks\Avast Cleanup Update => C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {A1D7DD0A-E338-4E4F-A2EA-6C48A0B2DD1B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D63E5723-7165-49A1-A65C-EEA5DC762C7C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {E38D4775-6C95-4653-A5BE-3CA0FDAFA613} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68C687E0-D5DC-4311-AC7A-95D97C04CC2C}: [NameServer] 8.8.8.8,8.8.4.4,192.168.1.1
Tcpip\..\Interfaces\{68C687E0-D5DC-4311-AC7A-95D97C04CC2C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9B93F5AA-9FB9-430E-8403-F6A043E8005E}: [NameServer] 8.8.8.8,8.8.4.4,
Tcpip\..\Interfaces\{9BAB27F2-F778-450A-B265-7157C9240DD7}: [NameServer] 8.8.8.8,8.8.4.4,
Tcpip\..\Interfaces\{9BAB27F2-F778-450A-B265-7157C9240DD7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> {2CDD1B11-7451-4FF7-B1B2-F7937325AB83} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> {463ED07E-EE6C-4914-8F29-0030129D307C} URL = hxxps://ve.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-12-13] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-13] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Jhonny\AppData\Roaming\Mozilla\Firefox\Profiles\ecoe62q7.default-1507739702162 [2019-08-15]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jhonny\AppData\Roaming\Mozilla\Firefox\Profiles\ecoe62q7.default-1507739702162\Extensions\[email protected] [2019-02-13]
FF Extension: (Avast Online Security) - C:\Users\Jhonny\AppData\Roaming\Mozilla\Firefox\Profiles\ecoe62q7.default-1507739702162\Extensions\[email protected] [2018-09-05]
FF HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2018-02-28] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Jhonny\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Jhonny\AppData\Roaming\IDM\idmmzcc5 [2018-09-08] [Legacy] [not signed]
FF HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-12] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2016-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3083680158-2954937715-333984504-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default [2019-08-15]
CHR Extension: (Presentaciones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (YouTube) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Slinky Elegante) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2019-08-03]
CHR Extension: (Hola Video Accelerator) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgpmaaockmdehmidghebcjafhihlgha [2018-09-12]
CHR Extension: (Búsqueda de Google) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-05]
CHR Extension: (Hojas de cálculo) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (AdBlock) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-15]
CHR Extension: (Avast Online Security) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (Image Search Options) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2019-01-27]
CHR Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2019-08-08]
CHR Extension: (GiveAway.su - Get games for free!) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2018-07-12]
CHR Extension: (IDM Integration Module) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-15]
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-08-15]
CHR Extension: (Presentaciones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-12]
CHR Extension: (Documentos) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Google Drive) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-12]
CHR Extension: (YouTube) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Tampermonkey) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Hojas de cálculo) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Avast Online Security) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-30]
CHR Extension: (IDM Integration Module) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-12]
CHR Extension: (Gmail) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-28]
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-08-15]
CHR Extension: (Presentaciones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28]
CHR Extension: (Documentos) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28]
CHR Extension: (Google Drive) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28]
CHR Extension: (Tampermonkey) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-09-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-21]
CHR Extension: (Hojas de cálculo) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-18]
CHR Extension: (Avast Online Security) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-28]
CHR Extension: (IDM Integration Module) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-10-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-28]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2018-09-28]
CHR Extension: (Gmail) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03]
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-08-15]
CHR Extension: (Presentaciones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-18]
CHR Extension: (Documentos) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-18]
CHR Extension: (Google Drive) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-18]
CHR Extension: (YouTube) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-18]
CHR Extension: (Tampermonkey) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-23]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-07-07]
CHR Extension: (Hojas de cálculo) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-18]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-19]
CHR Extension: (Avast Online Security) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-18]
CHR Extension: (Razer) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmlcofonhhnblmfeigfbbpkbmdkgbdo [2019-04-18]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2019-05-25]
CHR Extension: (Gmail) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-18]
CHR Extension: (Chrome Media Router) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-07]
CHR Profile: C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-15]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-03-30]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3083680158-2954937715-333984504-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (SaveFrom.net helper) - C:\Users\Jhonny\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdpljndcmbeikfnlflcggaipgnhiedbl [2017-07-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5551168 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-01] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [365048 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-01] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [File not signed]
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7449992 2019-08-07] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34696 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174472 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225816 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171216 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56504 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214944 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40904 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139864 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101192 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73008 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403952 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167576 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312760 2019-08-05] (AVAST Software s.r.o. -> AVAST Software)
S3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2019-07-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [40504 2019-07-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [543616 2009-11-06] (PixArt Imaging Inc. -> PixArt Imaging Incorporation)
R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [530944 2009-07-13] (Microsoft Windows -> Ralink Technology, Corp.)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Microsoft Windows -> Realtek Corporation )
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S0x02000000 OMSCAN; \Sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-15 14:57 - 2019-08-15 14:58 - 000029622 _____ C:\Users\Jhonny\Downloads\FRST.txt
2019-08-15 14:57 - 2019-08-15 14:57 - 000000000 ____D C:\FRST
2019-08-15 14:45 - 2019-08-15 14:56 - 001448960 _____ (Farbar) C:\Users\Jhonny\Downloads\FRST.exe
2019-08-15 14:35 - 2019-08-15 14:36 - 000163382 _____ C:\Users\Jhonny\Documents\cc_20190815_143555.reg
2019-08-15 14:09 - 2019-08-15 14:10 - 000000000 ____D C:\Program Files\CCleaner
2019-08-15 14:09 - 2019-08-15 14:09 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-15 14:09 - 2019-08-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-08-15 14:06 - 2019-08-15 14:09 - 020638704 _____ (Piriform Software Ltd) C:\Users\Jhonny\Downloads\ccsetup558.exe
2019-08-15 14:06 - 2019-08-15 14:06 - 000000000 ____D C:\Users\Jhonny\AppData\Local\mbam
2019-08-15 14:05 - 2019-08-15 14:05 - 000000000 ____D C:\Users\Jhonny\AppData\Local\mbamtray
2019-08-15 14:04 - 2019-08-15 14:05 - 007623880 _____ (Malwarebytes) C:\Users\Jhonny\Downloads\adwcleaner_7.4.exe
2019-08-15 14:04 - 2019-08-15 14:04 - 000001980 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-15 14:04 - 2019-08-15 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-15 14:04 - 2019-08-15 14:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-15 14:04 - 2019-08-15 14:04 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-15 14:04 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-08-15 13:43 - 2019-08-15 13:51 - 065020816 _____ (Malwarebytes ) C:\Users\Jhonny\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.12003.exe
2019-07-23 22:17 - 2019-06-25 15:36 - 000312200 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-15 14:38 - 2009-07-14 00:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-15 14:38 - 2009-07-14 00:34 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-15 14:38 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-08-15 14:35 - 2018-09-08 20:25 - 000000000 ____D C:\Users\Jhonny\AppData\Roaming\IDM
2019-08-15 14:29 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-15 14:18 - 2018-09-08 20:24 - 000000000 ____D C:\Program Files\Internet Download Manager
2019-08-15 12:02 - 2017-10-11 12:35 - 000000000 ____D C:\Users\Jhonny\Desktop\Cosas
2019-08-15 11:55 - 2018-04-01 18:10 - 000000000 ____D C:\Users\Jhonny\AppData\Local\AVAST Software
2019-08-14 09:49 - 2017-04-14 16:32 - 000000000 ____D C:\Program Files\Common Files\Steam
2019-08-12 16:43 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
2019-08-07 19:45 - 2015-01-14 19:25 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-06 15:42 - 2019-04-06 16:53 - 000000000 ____D C:\Users\Jhonny\AppData\Roaming\StardewValley
2019-08-05 10:14 - 2015-12-30 20:49 - 000312760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-07-31 10:23 - 2019-06-25 15:37 - 000139864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-07-31 10:23 - 2015-12-30 20:49 - 000783024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-07-29 16:46 - 2018-09-08 20:25 - 000000000 ____D C:\Users\Jhonny\AppData\Roaming\DMCache
2019-07-26 10:04 - 2018-09-08 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-24 16:25 - 2018-04-01 19:24 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-07-22 15:31 - 2017-11-16 17:16 - 000000000 ____D C:\Users\Jhonny\AppData\LocalLow\Unity
2019-07-20 10:19 - 2009-07-14 00:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories ================

2016-10-01 18:59 - 2016-04-02 14:32 - 000258048 _____ () C:\Users\Jhonny\autoclick_2_2.exe
2015-09-19 11:35 - 2015-09-19 11:35 - 000000000 ____H () C:\Users\Jhonny\AppData\Local\BIT2D67.tmp
2019-04-27 17:45 - 2019-04-27 17:45 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{56163F3D-5F97-48BD-872A-41C8DA322A18}
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{5D262F7F-7E8C-4F57-9A6B-77AC0430DF69}
2015-09-19 11:35 - 2015-09-19 11:35 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{975FFDCD-5A17-415C-9CB9-5F82792A8E8E}
2018-06-29 08:11 - 2018-06-29 08:11 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{C56BAC8C-1F4B-401F-855D-6A97F0B0040C}
2015-01-23 19:23 - 2015-01-23 19:23 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{CB707F04-D241-495D-A61F-BBA3C5C55E88}
2019-04-17 19:49 - 2019-04-17 19:49 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{D97626EB-499B-43DC-AE00-D4979F347E58}
2014-10-13 07:50 - 2014-10-13 07:51 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{F2D73E99-EF65-4DE4-B0C9-7B6FE9AD367E}
2014-10-14 15:11 - 2014-10-14 15:11 - 000000000 _____ () C:\Users\Jhonny\AppData\Local\{FF7625B6-6C59-4615-A053-098E2CE935AF}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-11 12:17
==================== End of FRST.txt =============

Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-08-2019
Ran by Jhonny (15-08-2019 14:58:50)
Running from C:\Users\Jhonny\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2014-06-09 03:13:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3083680158-2954937715-333984504-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-3083680158-2954937715-333984504-1002 - Limited - Enabled)
Invitado (S-1-5-21-3083680158-2954937715-333984504-501 - Limited - Disabled)
Jhonny (S-1-5-21-3083680158-2954937715-333984504-1000 - Administrator - Enabled) => C:\Users\Jhonny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0C0A-0000-0000000FF1CE}_STANDARD_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0403-0000-0000000FF1CE}_ENTERPRISE_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0403-0000-0000000FF1CE}_STANDARD_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0416-0000-0000000FF1CE}_STANDARD_{8A524694-0CA4-476A-9301-B1E9D70FC952}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-042D-0000-0000000FF1CE}_ENTERPRISE_{017A6981-5E03-4A97-830A-35FE0927BB7F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-042D-0000-0000000FF1CE}_STANDARD_{017A6981-5E03-4A97-830A-35FE0927BB7F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0456-0000-0000000FF1CE}_ENTERPRISE_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0456-0000-0000000FF1CE}_STANDARD_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0C0A-0000-0000000FF1CE}_ENTERPRISE_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0C0A-0000-0000000FF1CE}_STANDARD_{430AE3E6-E982-4958-90FC-1C062BC74E22}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0C0A-0000-0000000FF1CE}_ENTERPRISE_{D79E9128-A250-4155-BE90-2BE81DE0406A}) (Version:  - Microsoft) Hidden
7-Zip 18.05 (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Avast Cleanup Premium (HKLM\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 75.1.1528.100 - Los creadores de Avast Secure Browser)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Eye 312 (HKLM\...\{6EA3A8A6-4B6B-4288-B8FB-3EB11A403ED3}) (Version: 1.0.0.14 - KYE)
Google Chrome (HKLM\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 201 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Klip Xtreme 300K Webcam V1.0 (HKLM\...\{C6A0FD8A-F107-44CA-AA1B-49341936F76A}) (Version: 0050.2010.0819.3024 - PixArt Imaging Inc.)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 56.0 (x86 es-ES)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
Nero 7 Ultra Edition (HKLM\...\{4908C75E-E5E2-43F7-B1DF-023CBA831033}) (Version: 7.02.2631 - Nero AG)
Popcorn-Time (HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Skype versión 8.50 (HKLM\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-03-30] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-02-13 12:34 - 2018-09-05 21:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [432]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [432]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT2 [432]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2019-01-04 10:19 - 000000827 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jhonny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{61B055E2-D7B6-4928-888D-2B29C3601C7B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76833603-FD97-47C7-A291-02EE48E2021F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B391195B-6A63-4CBB-AB76-D35B901DCCFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CAB7B055-04AD-4DBB-9C53-0DC2D86ED8ED}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{30713DE6-6AA7-4A9A-B415-E0FB6321B7A3}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E896595B-1D5C-4F76-BB07-F9133E4EF867}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D71F9202-9458-4477-A34A-693F7E532478}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8D13480F-72F4-423C-B0B9-872CC5C1A9F3}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [{8CF11612-5782-4BAD-981B-D5F842C726D6}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [TCP Query User{3F17B4FF-DA71-4F74-9D0B-40A33BC4F849}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9F83221E-44FD-4E18-ADA6-20E0932CE0B2}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{4A778117-11D8-45C8-A1A8-B9B6070FC192}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51237442-1F49-4D26-83B0-EC1BE7A0ACDF}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7EFB879-8B57-4095-A1B5-595601321DFD}] => (Allow) C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{56BDC48F-9B32-492E-A3EC-AE947E55A4A6}] => (Allow) C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{DAB2CCA1-8B59-4E84-8D97-4FAAED7945DD}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{6213016F-EA22-4DC4-A73E-A984A6DA4D07}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{36394F6F-F828-43E6-BA50-7E6BFCB5D6B7}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [UDP Query User{4ADF7F06-9B3B-457D-8D21-C422E03620C3}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [TCP Query User{3EEF1109-6522-450E-A5B0-282EFA0A2198}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [UDP Query User{15209DFA-2C03-4968-8B81-FD1F5FA1F10A}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [TCP Query User{ACC85DA4-CFCE-4200-864E-86E8D4FF66D1}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9DCC3E97-7675-4DA4-9F1E-EC329FA5B34F}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{2D9EE36C-C98B-4F06-AE7D-88641E876985}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]
FirewallRules: [{BE6B9711-CFB3-4424-A525-761865662165}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]
FirewallRules: [{C00EB3E8-A1EB-47C9-9EDC-D5CBC4E1DC5D}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4DF1924E-0DDE-4EA8-8FA6-EE48AFE89813}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3386B987-BFD3-4EF6-8533-D52DC706E384}] => (Allow) C:\Program Files\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2EBDBE5E-19C8-4D8F-935B-C32E31DB0F5B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-07-2019 15:16:45 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/15/2019 02:31:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/15/2019 02:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (08/15/2019 02:16:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/15/2019 02:11:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Skype.exe, versión: 8.50.0.38, marca de tiempo: 0x5cade4e1
Nombre del módulo con errores: Skype.exe, versión: 8.50.0.38, marca de tiempo: 0x5cade4e1
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x014a8336
Id. del proceso con errores: 0xb84
Hora de inicio de la aplicación con errores: 0x01d5537eb0115697
Ruta de acceso de la aplicación con errores: C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
Ruta de acceso del módulo con errores: C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
Id. del informe: 10aff45d-bf88-11e9-8902-7071bcc8825c

Error: (08/15/2019 01:16:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/15/2019 12:16:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/15/2019 11:42:38 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. La cuenta especificada ya existe.

Error: (08/15/2019 11:33:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (08/15/2019 02:29:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OMSCAN no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/15/2019 02:29:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar la ruta especificada.

Error: (08/15/2019 02:28:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (08/15/2019 02:28:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (08/15/2019 02:28:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Adaptador de rendimiento de WMI terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (08/15/2019 02:21:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OMSCAN no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/15/2019 11:32:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OMSCAN no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/15/2019 09:31:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio OMSCAN no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


CodeIntegrity:
===================================

Date: 2016-09-08 19:05:31.289
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-08 19:05:31.055
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-07 23:35:45.195
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-07 23:35:45.117
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-06 12:24:15.584
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-06 12:24:15.537
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-06 12:15:21.476
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2016-09-06 12:15:21.008
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 080015 04/30/2010
Motherboard: langchao IPM41-D3
Processor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Percentage of memory in use: 83%
Total physical RAM: 2013.24 MB
Available physical RAM: 334.04 MB
Total Virtual: 4026.48 MB
Available Virtual: 2313.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.04 GB) (Free:194.74 GB) NTFS

\\?\Volume{c828e12a-ef82-11e3-af34-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A11800FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52.1 GB) - (Type=83)
Partition 4: (Not Active) - (Size=1.9 GB) - (Type=82)

==================== End of Addition.txt ============================

Tambien despues de esto,puedo desintalar los programas anteriores?

Hola

Cuando terminemos ya te daré indicaciones para desinstalar los programas utilizados.

No descargaste y ejecutaste Frst desde el escritorio como te indiqué, muevelo allí para realizar los siguientes pasos, si no no funcionará.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [PACTray] => C:\Windows\PixArt\PAP7501\PACTray.exe [319488 2009-06-09] (PixArt Imaging Incorporation) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\MountPoints2: {d7fb13e6-3314-11e4-996f-7071bcc8825c} - E:\AutoRun.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> {463ED07E-EE6C-4914-8F29-0030129D307C} URL = hxxps://ve.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
Toolbar: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Extension: (IDM CC) - C:\Users\Jhonny\AppData\Roaming\IDM\idmmzcc5 [2018-09-08] [Legacy] [not signed]
FF Plugin HKU\S-1-5-21-3083680158-2954937715-333984504-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll [No File]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2018-09-28]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2019-05-25]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S0x02000000 OMSCAN; \Sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [432]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [432]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT2 [432]
FirewallRules: [{8D13480F-72F4-423C-B0B9-872CC5C1A9F3}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [{8CF11612-5782-4BAD-981B-D5F842C726D6}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [TCP Query User{3F17B4FF-DA71-4F74-9D0B-40A33BC4F849}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9F83221E-44FD-4E18-ADA6-20E0932CE0B2}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{36394F6F-F828-43E6-BA50-7E6BFCB5D6B7}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [UDP Query User{4ADF7F06-9B3B-457D-8D21-C422E03620C3}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [TCP Query User{3EEF1109-6522-450E-A5B0-282EFA0A2198}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [UDP Query User{15209DFA-2C03-4968-8B81-FD1F5FA1F10A}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [TCP Query User{ACC85DA4-CFCE-4200-864E-86E8D4FF66D1}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9DCC3E97-7675-4DA4-9F1E-EC329FA5B34F}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{2D9EE36C-C98B-4F06-AE7D-88641E876985}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]
FirewallRules: [{BE6B9711-CFB3-4424-A525-761865662165}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Tengo que copiar el texto en el notepad antes o despues de modo seguro?

Hola

Puedes copiar el texto antes de entrar en modo seguro y dejarlo en el escritorio.

Un saludo

Fix result of Farbar Recovery Scan Tool (x86) Version: 14-08-2019
Ran by Jhonny (15-08-2019 19:10:00) Run:1
Running from C:\Users\Jhonny\Desktop
Loaded Profiles: Jhonny (Available Profiles: Jhonny)
Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) [File not signed]
HKLM\...\Run: [PACTray] => C:\Windows\PixArt\PAP7501\PACTray.exe [319488 2009-06-09] (PixArt Imaging Incorporation) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\...\MountPoints2: {d7fb13e6-3314-11e4-996f-7071bcc8825c} - E:\AutoRun.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> {463ED07E-EE6C-4914-8F29-0030129D307C} URL = hxxps://ve.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
Toolbar: HKU\S-1-5-21-3083680158-2954937715-333984504-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Extension: (IDM CC) - C:\Users\Jhonny\AppData\Roaming\IDM\idmmzcc5 [2018-09-08] [Legacy] [not signed]
FF Plugin HKU\S-1-5-21-3083680158-2954937715-333984504-1000: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files\OnLive\Plugin\npolgdet.dll [No File]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2018-09-28]
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2019-05-25]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
2018-07-13] (Windscribe Limited -> The OpenVPN Project)
S0x02000000 OMSCAN; \Sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRar\rarext.dll [2007-05-05] () [File not signed]
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [432]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [432]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Jhonny\Datos de programa:NT2 [432]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Jhonny\AppData\Roaming:NT2 [432]
FirewallRules: [{8D13480F-72F4-423C-B0B9-872CC5C1A9F3}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [{8CF11612-5782-4BAD-981B-D5F842C726D6}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Mighty Party\Mighty_party.exe () [File not signed]
FirewallRules: [TCP Query User{3F17B4FF-DA71-4F74-9D0B-40A33BC4F849}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9F83221E-44FD-4E18-ADA6-20E0932CE0B2}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{36394F6F-F828-43E6-BA50-7E6BFCB5D6B7}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [UDP Query User{4ADF7F06-9B3B-457D-8D21-C422E03620C3}C:\program files\gta sa\proxy_sa.exe] => (Allow) C:\program files\gta sa\proxy_sa.exe () [File not signed]
FirewallRules: [TCP Query User{3EEF1109-6522-450E-A5B0-282EFA0A2198}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [UDP Query User{15209DFA-2C03-4968-8B81-FD1F5FA1F10A}C:\users\jhonny\desktop\cosas\megadownloader.exe] => (Allow) C:\users\jhonny\desktop\cosas\megadownloader.exe () [File not signed]
FirewallRules: [TCP Query User{ACC85DA4-CFCE-4200-864E-86E8D4FF66D1}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [UDP Query User{9DCC3E97-7675-4DA4-9F1E-EC329FA5B34F}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{2D9EE36C-C98B-4F06-AE7D-88641E876985}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]
FirewallRules: [{BE6B9711-CFB3-4424-A525-761865662165}] => (Allow) C:\Users\Jhonny\Desktop\Cosas\Steam\steamapps\common\Cadria Item Shop\Cadria.exe () [File not signed]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck" => removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PACTray" => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7fb13e6-3314-11e4-996f-7071bcc8825c} => removed successfully.
HKLM\Software\Classes\CLSID\{d7fb13e6-3314-11e4-996f-7071bcc8825c} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{463ED07E-EE6C-4914-8F29-0030129D307C} => removed successfully.
HKLM\Software\Classes\CLSID\{463ED07E-EE6C-4914-8F29-0030129D307C} => not found
"HKU\S-1-5-21-3083680158-2954937715-333984504-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
C:\Users\Jhonny\AppData\Roaming\IDM\idmmzcc5 => moved successfully
HKU\S-1-5-21-3083680158-2954937715-333984504-1000\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0 => removed successfully.
"C:\Program Files\OnLive\Plugin\npolgdet.dll" => not found
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2018-09-28] => Error: No automatic fix found for this entry.
CHR Extension: (Yahoo Partner) - C:\Users\Jhonny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2019-05-25] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo => removed successfully.
"2018-07-13] (Windscribe Limited -> The OpenVPN Project)" => not found
S0x02000000 OMSCAN; \Sys [X] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully.
VGPU => service removed successfully.
HKLM\System\CurrentControlSet\Services\xhunter1 => removed successfully.
xhunter1 => service removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully.
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => removed successfully.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR => removed successfully.
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully.
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
C:\ProgramData => ":NT" ADS removed successfully.
C:\ProgramData => ":NT2" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
"C:\ProgramData\Datos de programa" => ":NT" ADS not found.
"C:\ProgramData\Datos de programa" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
C:\Users\Jhonny\Datos de programa => ":NT" ADS removed successfully.
C:\Users\Jhonny\Datos de programa => ":NT2" ADS removed successfully.
"C:\Users\Jhonny\AppData\Roaming" => ":NT" ADS not found.
"C:\Users\Jhonny\AppData\Roaming" => ":NT2" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D13480F-72F4-423C-B0B9-872CC5C1A9F3}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CF11612-5782-4BAD-981B-D5F842C726D6}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F17B4FF-DA71-4F74-9D0B-40A33BC4F849}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F83221E-44FD-4E18-ADA6-20E0932CE0B2}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{36394F6F-F828-43E6-BA50-7E6BFCB5D6B7}C:\program files\gta sa\proxy_sa.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4ADF7F06-9B3B-457D-8D21-C422E03620C3}C:\program files\gta sa\proxy_sa.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3EEF1109-6522-450E-A5B0-282EFA0A2198}C:\users\jhonny\desktop\cosas\megadownloader.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{15209DFA-2C03-4968-8B81-FD1F5FA1F10A}C:\users\jhonny\desktop\cosas\megadownloader.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ACC85DA4-CFCE-4200-864E-86E8D4FF66D1}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9DCC3E97-7675-4DA4-9F1E-EC329FA5B34F}C:\users\jhonny\appdata\local\popcorn-time\popcorn-time.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D9EE36C-C98B-4F06-AE7D-88641E876985}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE6B9711-CFB3-4424-A525-761865662165}" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-3083680158-2954937715-333984504-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-3083680158-2954937715-333984504-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red inal mbrica 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c1d3:9c52:58d8:c83a%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.100
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 12:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{68C687E0-D5DC-4311-AC7A-95D97C04CC2C}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Conexi¢n de  rea local* 18:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16161052 B
Java, Flash, Steam htmlcache => 377821453 B
Windows/system/drivers => 8314 B
Edge => 0 B
Chrome => 351898774 B
Firefox => 7243986 B
Opera => 7960986 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65954 B
LocalService => 132244 B
NetworkService => 69428 B
Jhonny => 13822267 B

RecycleBin => 7313 B
EmptyTemp: => 739.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:11:53 ====

Creo que lo hice en modo seguro con internet pasa algo si lo hice asi?.Me confundi y crei que era de esa forma.

Hola

No te preocupes, no pasa nada.

Te ha vuelto a salir el aviso?

Un saludo

No el aviso no volvio a salir,ademas esta mas rapido el computador.

Con esto seria todo? Si es asi muchas pero muchas gracias te lo agradezco mucho.

Hola @John

Si ya no ha vuelto a salir el aviso, y el funcionamiento es mejor, estaría resuelto el problema, de todas formas podría salirte avisos de ese tipo cuando visitas páginas poco confiables.

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Un saludo