The “double accent” or “double tilde” virus

It found the same thing again

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 9/5/21
Hora del análisis: 12:00
Archivo de registro: 02c4b552-b0e8-11eb-9771-78843cb2a9d4.json

-Información del software-
Versión: 4.3.0.98
Versión de los componentes: 1.0.1273
Versión del paquete de actualización: 1.0.40262
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: go8treubxzifgab\Aldo

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 732562
Amenazas detectadas: 7
Amenazas en cuarentena: 7
Tiempo transcurrido: 2 hr, 45 min, 52 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
Trojan.BrowserHijack, C:\PROGRAMDATA\AKAMUDG\OLJLKW\1E204270, En cuarentena, 2682, 938251, 1.0.40262, , ame, , , 

Archivo: 6
Malware.AI.4171824938, C:\PROGRAM FILES (X86)\VIDEO TO VIDEO\DVDAUTHOR\MPLEX.EXE, En cuarentena, 1000000, 0, 1.0.40262, 3F0C753EB238F68FF8A8FF2A, dds, 01237821, BCD5A8ED3B5C46BCDF19D3A454DE3E10, D292AD88915EAB3BF386A4D81E42AD705FE9A7273D68C268FA16A8E5E6CBA1A0
Malware.AI.4171824938, C:\PROGRAM FILES (X86)\VIDEO TO VIDEO\DVDAUTHOR\MPEG2ENC.EXE, En cuarentena, 1000000, 0, 1.0.40262, 3F0C753EB238F68FF8A8FF2A, dds, 01237821, F00C5BE6EEDCCB06E48669B1BE42D537, 4E599CCD804FA7DAA3CAA9FD1C6E50BE52CF82AC91066F34C5815B038D7B430A
Trojan.BrowserHijack, C:\PROGRAMDATA\AKAMUDG\OLJLKW\1E204270\BACKGROUND.JS, En cuarentena, 2682, 938251, 1.0.40262, , ame, , 4E46EEE79B9FD087798BBFB936B905C6, 51CBC9D14E967BEA4854721223BA5F2414A2D1A7C62A24DDA73FDC83B54AF6E1
Trojan.BrowserHijack, C:\ProgramData\Akamudg\Oljlkw\1E204270\icon128.png, En cuarentena, 2682, 938251, , , , , 86DF701CE3B2191A415BDEF3222AB59F, E2712D19AA6AA4A29827E76C4DF53F54B5207AB9C90C0CB2202635072D41AA22
Trojan.BrowserHijack, C:\ProgramData\Akamudg\Oljlkw\1E204270\kmno, En cuarentena, 2682, 938251, , , , , B02979A76C0BBAE6817750E677DB1141, 33793DE65684BB74114B93DCE07010CC93D3304145130591FC91A5EBB260CFFB
Trojan.BrowserHijack, C:\ProgramData\Akamudg\Oljlkw\1E204270\manifest.json, En cuarentena, 2682, 938251, , , , , 45C9DEEDADE0EFFA03812B4AE4630326, 893F5FE05FAE8EEDEDCAAC7A1A8EDCD393152ED4FB3DAD5D5D42689E3F88EDE6

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

OK :+1: @unnicknamed

MALWARE SEARCH / REMOVAL

:one: Disable your antivirus :arrow_forward: How to temporarily disable an antivirus and any security program you have enabled.

DOWNLOAD IT TO YOUR DESKTOP, VERY IMPORTANT (and nowhere else).

Download Farbar Recovery Scan Tool. VERY IMPORTANT >> select the version that matches your computer's architecture (32 or 64 bits). :arrow_forward: How do I know whether my Windows is 32 or 64 bits?

:warning: Once FRST is downloaded, disconnect your computer completely from the Internet (turn off the router) >> Super important. Right after that, also close any other program you have open.

:two: Farbar Recovery Scan Tool

  1. Run FRST.exe (if you use Windows Vista/7/8 or 10, right-click it and select Run as Administrator).

  2. A window with a Disclaimer message will appear; click Si or Yes.

  3. In the program's main window, click Analizar/Scan and wait for the scan to finish.

  4. Two logs/reports will appear: Frst.txt and Addition.txt. They will be saved on the desktop.

:three: Re-enable your antivirus and any security program you have enabled. Also reconnect your computer to the Internet.

:four: NEXT REPLY

Paste the FRST.txt and Addition.txt reports. You must post both reports in full, with absolutely all of their content. You will need to split them across several messages if you get an error/warning message saying that the report is too long for a single message (more than approx. 50,000 characters).

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing doing so:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it, following our instructions.

:warning: Very important :warning: Post the different reports I have asked you for as shown in the following image:

Regards.

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 17-04-2021
Ejecutado por Aldo (administrador) sobre GO8TREUBXZIFGAB (Sony Corporation VPCEG33FL) (09-05-2021 15:54:31)
Ejecutado desde C:\Users\Aldo\Desktop
Perfiles cargados: Aldo
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications Inc. -> Atheros) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brio) [Archivo no firmado] C:\Program Files (x86)\FolderSize\FolderSizeSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe <2>
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications Inc. -> Atheros Communications) [Archivo no firmado]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1859936 2016-01-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {25276d0c-40f6-11e2-8faa-642737a64170} - D:\LGAutoRun.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {584bb54d-38d3-11e3-a095-b284bff2cb28} - D:\iStudio.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {d81eb27d-9d7d-11eb-bebc-78843cb2a9d4} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {e0a0c50a-97c6-11ea-a042-642737a64170} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\AvastSS.scr [53208 2016-08-26] (AVAST Software a.s. -> AVAST Software)
HKU\S-1-5-21-1562237412-835404634-1912169428-501\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3425224 2016-10-25] (ACD Systems International -> ) [Archivo no firmado]
HKLM\...\Windows x64\Print Processors\hpfpp101: C:\Windows\System32\spool\prtprocs\x64\hpfpp101.dll [254464 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\hpf3l101.dll: C:\Windows\system32\hpf3l101.dll [138752 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {07218E67-94EC-49BD-9F8D-FD74EDC0DDD3} - System32\Tasks\{23578398-CEE3-4500-8F93-C4C06972AE1D} => C:\Users\Aldo\Desktop\PSCS5 Portatil - DR\Photoshop.exe
Task: {08F212B8-70A1-4F6B-895C-4E153B53495B} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {100331D9-3FB3-4C2D-9A07-B0F26F3D948D} - System32\Tasks\{2BF43F67-32DF-4A5A-8988-FA39239EAB06} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\polarr\download\File-Install-v9.7.exe -d C:\Users\Aldo\Descargas\polarr\download
Task: {142739EE-AE28-444E-A2A0-7FA5D42594F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-30] (Adobe Inc. -> Adobe)
Task: {154CB94D-8D60-4144-87D2-C033315619FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F658DF4-FE2A-4DFD-89F9-1B895D923C4C} - System32\Tasks\AdobeAAMUpdater-1.0-ASDFGHJKL-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {25A74874-363E-4460-B1A2-15483EF9D769} - System32\Tasks\Microsoft\Windows\SyncCenter\Microsoft.Windows.Diasfer => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe "C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll"
Task: {2721EA1C-E758-47B7-92B6-087CB5107DB3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2763992 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {28497E92-B1A3-4429-8CDD-DF250D0CC772} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {28FB978E-DCF9-4F02-AE99-C6050D5651C8} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {31D3D4B5-F97C-4034-8B0E-4026BCCE7314} - System32\Tasks\AdobeGCInvoker-1.0-GO8TREUBXZIFGAB-Aldo => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {379A8A07-D95F-4F96-ACA9-A481041D90C2} - System32\Tasks\{4F1A3F2A-2AA1-4FFB-B58B-A5E183659637} => C:\Users\Aldo\Descargas\Visor De Imagenes.exe
Task: {48803084-CD88-4ACA-BFB7-75DE0E51612F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038168 2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D411BF1-DF99-4B6C-BE08-7E847AEAD2FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-22] (Google Inc -> Google LLC)
Task: {58139403-57D2-463F-A174-5970933FBF2A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5914574B-26DA-46FE-9464-3EB883ACAEE6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {59724998-1667-4DFF-BC2B-30D56FED086C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158736 2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {59A9F6D5-236C-4FC4-9EBE-FDFD0B8AAB43} - System32\Tasks\{FC3FEF76-2881-462C-B5AC-B3774E271C3A} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE -d C:\Users\Aldo\AppData\Local\Temp\GLF3130 <==== ATENCIÓN
Task: {6363BBAC-B862-4B56-8500-F3B973E6FB61} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {67C5692C-28EC-482D-861F-1F8650097854} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {71D6BB13-F89C-4B0A-9A3B-BDD75346A386} - System32\Tasks\{BA17A1DD-2763-49F9-8DCE-B6397E127B7D} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview452_plugins_setup.exe -d C:\Users\Aldo\Descargas
Task: {737C378A-DCE0-4CF0-8A00-66C84741E846} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613288 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7758319A-A8B0-4C96-B99A-1DFEAE8B8108} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158600 2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {79532CA8-28D9-404B-946C-061B309306DE} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [401544 2012-02-20] (Sony Corporation -> Sony Corporation)
Task: {847CCEF9-5555-4F26-8549-03DAB3D8EE52} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
Task: {8F6905C2-A15D-47E8-B036-25951187A0D2} - System32\Tasks\{31F2A9BA-BF3E-4C68-88BC-5777112F6D26} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENCIÓN
Task: {97CCC851-40C6-4ACE-8027-1A35FEFABE81} - System32\Tasks\AdobeAAMUpdater-1.0-GO8TREUBXZIFGAB-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {99AF2EE3-5DDB-47F7-B6C9-F1B848E03D25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {A1777330-354E-4312-A770-45D773FC0A03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158736 2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1DB6A79-3922-4DC1-B841-D22BD6C63DDC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613288 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAB7DE02-1698-4A7A-91CA-97514C1EF342} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AAF01E43-1CC1-4536-A884-54937F26F2EE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {AFB46529-85D0-4CE0-BFAD-634FF13EEA23} - System32\Tasks\{22D7371E-AECB-41B1-96AB-CE80CFCDF506} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\irfanview_shell_extension_plugin.exe -d C:\Users\Aldo\Descargas
Task: {B77D358E-7036-4D08-8464-F8316E94E2FE} - System32\Tasks\{BFFD73B5-61B9-48C9-AD84-F64419BC92E3} => C:\Users\Aldo\Desktop\PSCS5 Portatil - DR\Photoshop.exe
Task: {B893CD57-CDCA-471A-B19D-0415D8AB33E4} - System32\Tasks\{8157F1F6-4665-4392-8091-34C7A793D43E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FolderSize\FolderSize.cpl"
Task: {B91F949E-E8E7-4A3E-92EE-56093750FC1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-22] (Google Inc -> Google LLC)
Task: {C1F73762-3A89-480F-B5BE-62FE5B54CBFF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {C2BDA6F3-5D7A-40C5-B236-8025A0F65CBA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CA875230-6BF5-4D57-90A8-601E4520BA62} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DD0218E2-F7BC-4BAF-9FFA-3A8A5EB7B2E1} - System32\Tasks\{10A77AFA-BD4B-4ED9-B7C8-07AC6456B258} => C:\Users\Aldo\Descargas\Visor De Imagenes.exe
Task: {DD949016-18C1-433C-A376-8E8AF9414539} - System32\Tasks\AdobeAAMUpdater-1.0-IvanAlvarez-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DE38CED5-2276-40C6-8619-62580DFF7C9C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158600 2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF76A6A6-1824-4D50-844D-5C21D4A387BC} - System32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe"
Task: {E084A3E1-CC69-45C3-8623-57C1D09C01A3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E8639695-129D-4FA1-8422-643625F1CE97} - System32\Tasks\{56A5FCAC-197F-42B4-AE49-B78B35AD7B1F} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview442\iv_uninstall.exe -d C:\Users\Aldo\Descargas\iview442
Task: {F2EA5373-20C0-4592-A817-5767B3DEAF36} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-30] (Adobe Inc. -> Adobe)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\User_Feed_Synchronization-{CDA866C6-9F26-4257-AC19-286EF4EFD98B}.job => C:\Windows\system32\msfeedssync.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{87564972-9E5A-4321-8257-4943BE219920}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D5E0AFEC-74F9-4011-85D9-BD44B2B0867B}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF DefaultProfile: d3722gw7.default
FF ProfilePath: C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default [2021-05-08]
FF Extension: (Ant Video downloader) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2021-02-17]
FF Extension: (SCDL SoundCloud Downloader) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (uBlock Origin) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2021-03-01]
FF Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Video DownloadHelper) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2021-05-01] [no firmado]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-30] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-30] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-07] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-07] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-1562237412-835404634-1912169428-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-09]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-05-03]
CHR DownloadDir: C:\Users\Aldo\Descargas
CHR HomePage: Profile 2 -> www.google.com
CHR StartupUrls: Profile 2 -> "www.google.com"
CHR Extension: (Polarr Photo Editor) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2019-12-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-04-28]
CHR Extension: (New XKit) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inobiceghmpkaklcknpniboilbjmlald [2020-09-27] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATENCIÓN
CHR Extension: (TumTaster) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2019-10-22]
CHR Extension: (Image DNA) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nifmhaejjafapjonfiidojfddmpndkmc [2016-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-28]
CHR Extension: (Better History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-28]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-05-09]
CHR Notifications: Profile 3 -> hxxps://www15a.willianpadilla.pro
CHR HomePage: Profile 3 -> www.google.com
CHR StartupUrls: Profile 3 -> "www.google.com"
CHR Extension: (Presentaciones) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-22]
CHR Extension: (Documentos) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-22]
CHR Extension: (Google Drive) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (MEGA) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-04-28]
CHR Extension: (Search and Replace) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2019-09-25]
CHR Extension: (YouTube) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-22]
CHR Extension: (Enhanced History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpnkmdkoapbdhpmemnaikpbhajknmdb [2019-10-19]
CHR Extension: (Dark Reader) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-04-23]
CHR Extension: (Hojas de cálculo) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-19]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (New XKit) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\inobiceghmpkaklcknpniboilbjmlald [2020-09-27] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATENCIÓN
CHR Extension: (Video Blocker) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2019-09-25]
CHR Extension: (Video DownloadHelper) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-04]
CHR Extension: (Morpheon Dark) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2021-05-03]
CHR Extension: (Save Image As PNG) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2021-05-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Extension: (uFunTwit) - C:\ProgramData\Akamudg\Oljlkw [2021-05-09]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-30] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros Communications Inc. -> Atheros) [Archivo no firmado]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [338632 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137392 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communications Inc. -> Atheros Communication Inc.) [Archivo no firmado]
R2 FolderSize; C:\Program Files (x86)\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [Archivo no firmado]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2012-03-11] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc. -> ArcSoft, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [483384 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469488 2019-09-22] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-05-19] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [12032 2010-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U4 dmwappushservice; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-09 15:54 - 2021-05-09 15:55 - 000038791 _____ C:\Users\Aldo\Desktop\FRST.txt
2021-05-09 14:47 - 2021-05-09 14:49 - 000002963 _____ C:\Users\Aldo\Desktop\malwarebytes.txt
2021-05-08 21:27 - 2021-05-08 21:27 - 000002535 _____ C:\Users\Aldo\Desktop\HP Scan Extended.lnk
2021-05-08 19:27 - 2021-05-08 19:27 - 000000000 ___RD C:\Users\Aldo\Documents\Scanned Documents
2021-05-08 19:27 - 2021-05-08 19:27 - 000000000 ____D C:\Users\Aldo\Documents\Fax
2021-05-03 21:53 - 2021-05-03 21:53 - 000069838 _____ C:\Users\Aldo\Documents\cc_20210503_215347.reg
2021-05-03 21:48 - 2021-05-03 21:48 - 000002706 _____ C:\Users\Aldo\Desktop\AdwCleaner[C00].txt
2021-05-03 21:34 - 2021-05-03 21:47 - 000000000 ____D C:\AdwCleaner
2021-05-03 18:15 - 2021-05-03 18:15 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-03 18:15 - 2021-05-03 18:15 - 000000000 ____D C:\Users\Aldo\AppData\Local\mbam
2021-05-03 18:12 - 2021-05-03 18:12 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-05-03 18:10 - 2021-05-03 18:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-03 18:10 - 2021-05-03 18:09 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-05-03 18:01 - 2021-05-03 18:01 - 000000138 _____ C:\Users\Aldo\Documents\cc_20210503_180116.reg
2021-05-03 17:07 - 2021-05-09 11:55 - 000000000 ____D C:\Program Files\CCleaner
2021-05-03 17:07 - 2021-05-03 21:50 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-03 17:07 - 2021-05-03 17:07 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-03 17:07 - 2021-05-03 17:07 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-03 17:07 - 2021-05-03 17:07 - 000000782 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-03 17:07 - 2021-05-03 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-03 17:04 - 2021-05-03 17:05 - 008534696 _____ (Malwarebytes) C:\Users\Aldo\Desktop\adwcleaner_8.2.exe
2021-05-01 15:38 - 2021-05-01 15:38 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-04-28 18:50 - 2021-04-28 18:50 - 000036743 _____ C:\Users\Aldo\Documents\tumblrtheme.txt
2021-04-28 15:59 - 2021-05-08 17:43 - 000000000 ___HD C:\ProgramData\Akamudg
2021-04-28 14:42 - 2021-04-28 14:45 - 000000267 _____ C:\DelFix.txt
2021-04-28 14:42 - 2021-04-28 14:42 - 000000000 ____D C:\Windows\ERUNT
2021-04-27 23:57 - 2021-04-27 23:57 - 000797760 _____ C:\Users\Aldo\Desktop\delfix.exe
2021-04-27 23:50 - 2021-05-09 15:55 - 000000000 ____D C:\FRST
2021-04-27 23:49 - 2021-04-27 23:50 - 002298368 _____ (Farbar) C:\Users\Aldo\Desktop\FRST64.exe
2021-04-25 16:26 - 2021-05-03 16:56 - 000003214 _____ C:\Windows\system32\Tasks\{2BF43F67-32DF-4A5A-8988-FA39239EAB06}
2021-04-25 15:57 - 2021-04-25 15:58 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\XkhcPoUSquhmmwkpiqevsTMaaECRFZXbMcWIjRruDyeTfRBoMdTBaiUtnVelFejqo
2021-04-25 15:56 - 2021-04-25 15:56 - 000000000 ____D C:\Windows\PublicGaming
2021-04-18 21:48 - 2021-04-18 21:48 - 000000000 ____D C:\Users\Aldo\Documents\IrfanView Sandbox

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-09 15:55 - 2017-05-09 14:43 - 000099453 _____ C:\Windows\ZAM.krnl.trace
2021-05-09 15:55 - 2017-05-09 14:43 - 000073213 _____ C:\Windows\ZAM_Guard.krnl.trace
2021-05-09 12:02 - 2009-07-13 23:45 - 000032384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-09 12:02 - 2009-07-13 23:45 - 000032384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-09 11:55 - 2014-07-15 20:29 - 000000000 ____D C:\Users\Aldo\AppData\Local\Adobe
2021-05-09 11:46 - 2018-05-30 22:12 - 000000000 ____D C:\Users\Aldo\AppData\Local\AVAST Software
2021-05-09 11:44 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2021-05-09 11:43 - 2012-02-27 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-09 11:43 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-09 00:54 - 2019-01-27 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-05-08 21:42 - 2019-08-13 15:21 - 015774720 _____ C:\Users\Aldo\AppData\Local\SageThumbs.db3
2021-05-08 21:30 - 2014-01-18 00:53 - 000007625 _____ C:\Users\Aldo\AppData\Local\resmon.resmoncfg
2021-05-08 21:20 - 2020-08-10 12:50 - 010556200 _____ C:\Windows\system32\FNTCACHE.DAT
2021-05-08 19:38 - 2017-05-19 01:03 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-08 19:34 - 2012-06-09 11:20 - 000000000 ____D C:\Users\Aldo\AppData\Local\HP
2021-05-08 19:34 - 2012-06-02 18:59 - 000308192 _____ C:\Users\Aldo\AppData\Local\GDIPFONTCACHEV1.DAT
2021-05-08 19:33 - 2012-06-09 11:06 - 000000000 ____D C:\Program Files (x86)\HP
2021-05-08 19:32 - 2012-06-02 18:59 - 000000000 ___RD C:\Users\Aldo\Descargas
2021-05-08 19:20 - 2019-01-27 17:21 - 000228529 _____ C:\Windows\hpoins46.dat
2021-05-08 19:12 - 2012-06-09 11:13 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\HpUpdate
2021-05-08 18:59 - 2012-06-09 11:03 - 000000000 ____D C:\ProgramData\HP
2021-05-08 18:56 - 2019-01-27 04:01 - 000002291 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-05-08 18:56 - 2019-01-27 04:01 - 000002291 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2021-05-08 15:52 - 2019-12-02 01:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-08 14:56 - 2017-01-05 21:16 - 000000000 ____D C:\Users\Aldo\AppData\LocalLow\Mozilla
2021-05-04 21:37 - 2019-08-12 15:51 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\vlc
2021-05-03 22:07 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2021-05-03 22:01 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2021-05-03 18:21 - 2012-02-27 11:38 - 000748254 _____ C:\Windows\system32\perfh00A.dat
2021-05-03 18:21 - 2012-02-27 11:38 - 000159694 _____ C:\Windows\system32\perfc00A.dat
2021-05-03 18:21 - 2009-07-14 00:13 - 001679378 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-03 18:16 - 2017-05-09 15:51 - 000001871 _____ C:\Users\Aldo\Desktop\Malwarebytes.lnk
2021-05-03 18:06 - 2016-09-18 00:43 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2021-05-03 17:17 - 2013-08-13 13:32 - 000000000 ____D C:\ProgramData\VSO
2021-05-03 17:17 - 2012-10-21 14:11 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\BitTorrent
2021-05-03 17:15 - 2014-01-04 23:47 - 000000000 ___DC C:\Users\Aldo\AppData\Local\MigWiz
2021-05-03 17:15 - 2012-06-20 14:42 - 000000000 ____D C:\Users\Aldo\AppData\Local\CrashDumps
2021-05-03 17:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\ModemLogs
2021-05-03 17:10 - 2013-04-02 13:06 - 000000000 ____D C:\Temp
2021-05-03 16:56 - 2020-10-04 18:00 - 000003148 _____ C:\Windows\system32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014}
2021-05-03 16:56 - 2020-05-30 16:59 - 000004290 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-05-03 16:56 - 2019-09-22 16:10 - 000003470 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-03 16:56 - 2019-09-22 16:10 - 000003342 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-03 16:56 - 2019-01-22 18:29 - 000003180 _____ C:\Windows\system32\Tasks\{22D7371E-AECB-41B1-96AB-CE80CFCDF506}
2021-05-03 16:56 - 2019-01-22 18:28 - 000003160 _____ C:\Windows\system32\Tasks\{BA17A1DD-2763-49F9-8DCE-B6397E127B7D}
2021-05-03 16:56 - 2019-01-11 19:41 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-03 16:56 - 2018-11-06 16:24 - 000004504 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-05-03 16:56 - 2018-06-17 01:39 - 000003470 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0-GO8TREUBXZIFGAB-Aldo
2021-05-03 16:56 - 2016-11-29 21:53 - 000003176 _____ C:\Windows\system32\Tasks\{56A5FCAC-197F-42B4-AE49-B78B35AD7B1F}
2021-05-03 16:56 - 2016-09-19 22:12 - 000003106 _____ C:\Windows\system32\Tasks\{8157F1F6-4665-4392-8091-34C7A793D43E}
2021-05-03 16:56 - 2016-07-13 14:41 - 000003352 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-13 14:41 - 000003216 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-08 12:48 - 000003374 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-08 12:48 - 000003238 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-05-21 15:00 - 000003514 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-GO8TREUBXZIFGAB-Aldo
2021-05-03 16:56 - 2015-12-03 19:48 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-05-02 15:53 - 2017-05-23 18:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-29 18:41 - 2019-03-27 17:21 - 000000000 ___RD C:\Users\Aldo\Desktop\respuestas
2021-04-28 13:40 - 2012-06-02 18:58 - 000000000 ____D C:\Users\Aldo
2021-04-28 13:30 - 2020-03-10 14:41 - 000000000 ____D C:\Program Files\Bulk Rename Utility
2021-04-28 13:30 - 2017-10-06 10:56 - 000000000 ____D C:\Users\TEMP
2021-04-28 13:30 - 2012-09-23 21:32 - 000000000 ____D C:\Users\Invitado
2021-04-28 13:30 - 2012-06-08 18:02 - 000000000 ____D C:\Program Files (x86)\Atheros WiFi Driver Installation
2021-04-28 13:30 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Msdtc
2021-04-27 15:54 - 2018-11-06 13:16 - 000000033 _____ C:\Users\Aldo\AppData\Roaming\AdobeWLCMCache.dat
2021-04-26 14:42 - 2019-09-22 16:12 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-25 17:06 - 2012-10-21 13:31 - 000000000 ____D C:\Users\Aldo\AppData\Local\ElevatedDiagnostics
2021-04-24 20:07 - 2019-01-11 19:40 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-17 22:06 - 2016-04-14 00:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-17 22:05 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-04-17 22:03 - 2012-02-27 10:21 - 000000000 ____D C:\Program Files\Microsoft Office

==================== Archivos en la raíz de algunos directorios ========

2020-03-10 15:36 - 2020-03-10 17:08 - 000041822 _____ () C:\Users\Aldo\AppData\Roaming\56tg4rfedcxs.exe
2012-12-02 11:48 - 2019-01-29 19:03 - 000000132 _____ () C:\Users\Aldo\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2012-06-22 21:26 - 2020-10-09 21:22 - 000000132 _____ () C:\Users\Aldo\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-11-06 13:16 - 2021-04-27 15:54 - 000000033 _____ () C:\Users\Aldo\AppData\Roaming\AdobeWLCMCache.dat
2013-08-13 13:33 - 2015-02-15 17:43 - 000099384 _____ () C:\Users\Aldo\AppData\Roaming\inst.exe
2013-04-20 21:23 - 2013-06-13 17:43 - 000000082 _____ () C:\Users\Aldo\AppData\Roaming\MultiFill Prefs
2013-08-13 13:33 - 2015-02-15 17:43 - 000007859 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.cat
2013-08-13 13:33 - 2015-02-15 17:43 - 000001167 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.inf
2013-08-13 13:33 - 2015-02-15 17:43 - 000000055 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.log
2013-08-13 13:33 - 2015-02-15 17:43 - 000082816 _____ (VSO Software) C:\Users\Aldo\AppData\Roaming\pcouffin.sys
2018-01-27 17:38 - 2018-01-27 17:41 - 000018432 ___SH () C:\Users\Aldo\AppData\Roaming\Thumbs.db
2020-03-10 15:37 - 2020-03-10 17:08 - 000041822 _____ () C:\Users\Aldo\AppData\Roaming\trbfvedcsx.exe
2012-07-15 11:02 - 2012-07-15 11:02 - 000011583 _____ () C:\Users\Aldo\AppData\Roaming\UserTile.png
2012-06-10 15:57 - 2020-06-20 13:01 - 000001456 _____ () C:\Users\Aldo\AppData\Local\Adobe Save for Web 12.0 Prefs
2020-10-10 22:31 - 2021-04-02 21:58 - 000003584 _____ () C:\Users\Aldo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-27 21:49 - 2019-01-27 21:49 - 000003879 _____ () C:\Users\Aldo\AppData\Local\recently-used.xbel
2014-01-18 00:53 - 2021-05-08 21:30 - 000007625 _____ () C:\Users\Aldo\AppData\Local\resmon.resmoncfg
2019-08-13 15:21 - 2021-05-08 21:42 - 015774720 _____ () C:\Users\Aldo\AppData\Local\SageThumbs.db3
2018-11-20 23:58 - 2018-11-20 23:58 - 002440206 _____ () C:\Users\Aldo\AppData\Local\[j0003]-[p28].bmp
2019-02-19 17:23 - 2019-02-19 17:23 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0004]-[p38].bmp
2019-02-19 17:28 - 2019-02-19 17:28 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0005]-[p20].bmp
2018-11-04 17:39 - 2018-11-04 17:39 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0005]-[p24].bmp
2014-10-08 22:27 - 2014-10-08 22:27 - 000000000 _____ () C:\Users\Aldo\AppData\Local\{1E13123C-2396-45C9-8A43-2F2C211D9081}
2017-01-30 18:10 - 2017-01-30 18:10 - 000000000 _____ () C:\Users\Aldo\AppData\Local\{EFB99F78-F5E5-4F0A-A95B-108184896408}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-05-02 17:47
==================== Final de FRST.txt ========================

addition (part 1)

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 17-04-2021
Ejecutado por Aldo (09-05-2021 15:56:12)
Ejecutado desde C:\Users\Aldo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-02 23:58:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1562237412-835404634-1912169428-500 - Administrator - Disabled)
Aldo (S-1-5-21-1562237412-835404634-1912169428-1000 - Administrator - Enabled) => C:\Users\Aldo
HomeGroupUser$ (S-1-5-21-1562237412-835404634-1912169428-1007 - Limited - Enabled)
Invitado (S-1-5-21-1562237412-835404634-1912169428-501 - Limited - Enabled) => C:\Users\Invitado

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
abrMate version 1.1 (HKLM-x32\...\abrMate_is1) (Version: 1.1 - )
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.0.0.839 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20150 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Ant Video downloader (Native messaging host) (HKLM-x32\...\{73CE6109-2EA1-4EF8-9C30-B56E05C200E4}) (Version: 4.9 - Ant.com)
Apple Application Support (32 bits) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.484 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Autodesk SketchBook Copic Edition (HKLM-x32\...\{1A574D80-0A3B-4DE0-8748-739BABD8BFAD}) (Version: 2.02.0000 - Autodesk)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
BitTorrent (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\BitTorrent) (Version: 7.10.5.45967 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 3.3.1.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
CLIP STUDIO 1.9.4 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.9.4 - CELSYS)
CLIP STUDIO MODELER 1.9.1 (HKLM-x32\...\{1B6FE598-3814-4076-90DC-7E76823AE7A0}) (Version: 1.9.1 - CELSYS)
CLIP STUDIO PAINT 1.9.4 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.9.4 - CELSYS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.50 - Conexant)
Corel Painter 12 - IPM (HKLM\...\{AC6FC993-CCD1-41A5-B61C-AD61F90549BE}) (Version: 12.4 - Corel Corporation) Hidden
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DesignDoll (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\a94d3e1b3ab3bea6) (Version: 1.4.0.0 - Terawell)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version:  - )
dupeGuru 4.0.4 (HKLM\...\dupeGuru) (Version: 4.0.4 - Hardcoded Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FaceGen Modeller 3.4 Free (HKLM-x32\...\{05156799-4EC3-4885-864E-E190A429B307}) (Version: 3.4.0 - Singular Inversions Inc.)
Folder Size (HKLM-x32\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
GrampsAIO64 (HKLM\...\GrampsAIO64 5.0.1) (Version: 5.0.1 - The Gramps project)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Scan Extended (HKLM-x32\...\{11338856-1974-4B3C-ACBC-9F98A8FF79FD}) (Version: 35.0.0.0 - Hewlett-Packard Co.)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
iMazing 2.10.6.0 (HKLM\...\iMazing_is1) (Version: 2.10.6.0 - DigiDNA)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Manual de VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12527.21814 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (es-MX) (HKLM-x32\...\{BE94188A-CA4F-4AC7-A1B3-52D37882C30D}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (es-ES, Helena) (HKLM-x32\...\{8A732901-9531-4CC2-8D5B-9CBA1D8DE4FD}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (es-MX, Hilda) (HKLM-x32\...\{01C2594B-FA78-4C33-A9B7-6090A5EF7E90}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notion 2.0.11 (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.11 - Notion Labs, Incorporated)
Notion 2.0.9 (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\{fcdf0d7f-424b-5f10-a1c7-a8f643f21adf}) (Version: 2.0.9 - Notion Labs, Incorporated)
NVIDIA Controlador de 3D Vision 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 269.73 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 269.73 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0507 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0507 - NVIDIA Corporation)
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21814 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21814 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.21814 - Microsoft Corporation) Hidden
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)
Sculptris Alpha 6 (HKLM-x32\...\{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic) Hidden
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version:  - Microsoft)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.25-5 - Wacom Technology Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs)
Topaz B&W Effects (HKLM-x32\...\{B7EB8FB7-F89E-480B-952D-813F413653BE}) (Version: 1.1.0 - Topaz Labs) Hidden
Topaz Clean 3 (HKLM-x32\...\{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (HKLM-x32\...\{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM-x32\...\{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz Fusion Express 2 (HKLM-x32\...\{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}) (Version: 2.1.1 - Topaz Labs) Hidden
Topaz InFocus (HKLM-x32\...\{5BDEA9E0-E55B-45A7-93F7-6B8F68F851E5}) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Lens Effects (HKLM-x32\...\{6E07CF4B-A9EB-45BF-BE74-613B3D708E13}) (Version: 1.2.0 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM-x32\...\{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}) (Version: 3.2.1 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs)
Topaz Simplify 3 (HKLM-x32\...\{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Simplify 3 (HKLM-x32\...\Topaz Simplify 3) (Version: 3.0.2 - Topaz Labs)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs)
Transferencias VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF}) (Version: 2.0.118.0 - DDNi) Hidden
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version:  - Media Converters)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (HKLM-x32\...\{A49A517F-5332-4665-922C-6D9AD31ADD4F}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2011.4 - URSoft, Inc.)
Zoom (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1562237412-835404634-1912169428-1000_Classes\CLSID\{2bc833fd-0ec6-468c-90c4-e1b75adf9d29}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562237412-835404634-1912169428-1000_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [IrfanViewShellExt] -> {C835F12F-DD15-4294-B245-954A877D778A} => C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll [2019-01-22] (Irfan Skiljan) [Archivo no firmado]
ContextMenuHandlers1: [IZArcCM] -> {3BBAC0AD-8227-3462-C8EF-A36794DD8CD2} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2011-02-28] () [Archivo no firmado]
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2017-05-09] (CherubicSoft) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [IZArcCM] -> {3BBAC0AD-8227-3462-C8EF-A36794DD8CD2} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2011-02-28] () [Archivo no firmado]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nView\nvshell.dll [2011-09-07] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Akamudg\Oljlkw\1E204270"
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\asdfghjkl - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Aldo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Módulos cargados (Lista blanca) =============

2010-03-25 20:07 - 2010-03-25 20:07 - 000032256 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 000046592 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2016-05-10 19:28 - 2015-12-19 15:36 - 000253952 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll
2012-06-05 17:51 - 2011-02-28 08:39 - 000211456 _____ () [Archivo no firmado] C:\Program Files (x86)\IZArc\IZArcCM64.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000013824 _____ () [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2012-02-27 10:07 - 2011-02-14 01:15 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000019104 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000044192 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000047776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000182944 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000109728 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000084640 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000122528 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 002235040 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000076448 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2011-04-29 18:20 - 2011-04-29 18:20 - 000080544 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000130720 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000434336 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000044704 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sim.DLL
2011-04-29 18:20 - 2011-04-29 18:20 - 000067232 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000029856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2017-05-09 02:40 - 2017-05-09 02:40 - 000475648 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000716288 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\sqlite3.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 000249344 _____ (Digital Delivery Networks, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspX3.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2012-02-27 09:53 - 2010-11-06 00:51 - 000032768 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorIcon.resources.dll
2012-02-27 09:53 - 2010-11-06 00:51 - 000004608 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\es-ES\IntelVisualDesign.resources.dll
2012-02-27 09:53 - 2010-11-06 00:50 - 001109504 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2012-02-27 10:07 - 2011-02-14 01:15 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2020-03-11 21:20 - 2020-03-11 21:20 - 000475648 _____ (Intel Corporation) [Archivo no firmado] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e4da073bd55348a8691e5f02377b263b\IAStorUtil.ni.dll
2019-01-22 18:29 - 2019-01-22 18:29 - 000167424 _____ (Irfan Skiljan) [Archivo no firmado] C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll
2019-01-22 20:00 - 2019-01-22 20:00 - 000113664 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2019-01-22 20:00 - 2019-01-22 20:00 - 001654784 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2016-01-31 15:46 - 2016-01-22 21:54 - 001186352 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2016-01-31 15:47 - 2016-01-22 21:53 - 001859936 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Windows\system32\nvspcap64.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000096768 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000018432 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000109568 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll
2012-02-27 10:22 - 2011-03-04 18:05 - 000192512 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000089600 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000301568 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000225280 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000084992 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000079360 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000062464 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000108032 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000056832 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000071168 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000035840 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000122880 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 001519104 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfl340.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 000256000 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfle340.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [402]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => AutoCADScriptFile
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Versión 11) (Lista blanca) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://prodigy.msn.com/es-mx/?pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.mx/
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Sin Nombre -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Ningún archivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\sharepoint.com -> hxxps://azcuammx-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2020-10-04 17:46 - 000001468 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
127.0.0.1		activation.alienskin.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CleanupPSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupreg: ACDSeeCommanderUltimate10 => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe                                                                                                                                                                                          
MSCONFIG\startupreg: ACUW10EN => "C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{583A698D-AA90-4269-989B-1349AFAD35CE}] => (Allow) E:\setup\hpznui40.exe => Ningún archivo
FirewallRules: [{A53D53B6-8678-430C-808D-D977086E6866}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C122B600-27BF-4629-A9B3-384D5A0DFE34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FF96FD1F-7B86-4B3B-8D60-A5C119C94D46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F531373-56AA-41DF-BF56-B88290CA2063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{64AA662F-D8BB-421C-B0DE-860EF0F0AFF4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{98A240A7-F081-41F9-88C7-36F1B5C596D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{388A002A-D2C4-4926-9C9E-934D6EEC2506}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B0BF5DF-0C15-4CA8-AA06-7EB7A1187A1A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C8931744-749C-4AC4-9F2E-B23F12E0738A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{006FCD80-4742-4CAC-BBDD-5670BDF156B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C0744849-BAAE-45BA-8171-B7B844F1AFEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{31FAA7B8-85AE-4681-8FBC-09A156E82259}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{F4974079-78BC-40CD-82A9-3FC0AEB9BC30}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe => Ningún archivo
FirewallRules: [{5C1A7645-6E3B-4B7C-AAA6-6289FA7CA16C}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communications Inc. -> Atheros Communication Inc.) [Archivo no firmado]
FirewallRules: [{5A8A5859-6CEC-4C2F-8CE2-A3BD25254DA5}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{9EE50C97-DC36-442D-94E8-A176A5135510}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{CC26CA53-FBB1-4B7D-899B-B22BA119D020}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{5B911A3E-C8FF-48CD-9648-AA532B325C32}] => (Allow) C:\Users\Aldo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6B9F5E06-FEC1-4C9D-96D9-BE5EF769EAC0}] => (Allow) C:\Users\Aldo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CBD71500-5334-4BB2-B544-DA1DEF2FF4F2}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{7D8BDD9B-6C89-47DB-BF84-9BC21A91A337}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{FAC6F437-3A69-4065-8C61-06686A0FBEF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{800859AB-23F6-40AF-8FBC-FF8159F73A89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A01B999-0711-4751-9CA6-E8E9AD039A67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE938C0D-0DA2-46F0-AB44-CC4CFC7F5CD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E14FF000-3043-41F6-9C1B-C3BCA805F3BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47B428FF-7909-496F-BA9F-1E09B7AA2F08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A97AE12-723D-49CD-AE36-16BF781A5E42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DAD55F8-6DB0-46BB-B0A4-93528097FD30}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1DCA7D1-4C1C-40DA-8E0F-E54188E3D54E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{907E6D5B-95B3-4E25-8CB9-BA65D7F2782C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [Archivo no firmado]
FirewallRules: [{D6608A8E-0F7B-4EC3-AC33-DC18F805F08C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5A99B11A-1F2A-4540-A69B-5BE30AF817F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04EA5B00-C6CF-41A3-BA7E-05C652C41A44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9750E767-839F-4461-8CF0-95A5946BAC6F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{8FFCBDD6-35CD-4AC7-9D47-1FD3049F169D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [Archivo no firmado]
FirewallRules: [{BF02B680-7ADF-4B8C-B2FA-5F91C1E1C303}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C3CED67-7D4A-4D6A-A85D-561ADC9BC9DC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4BBE1F0A-1492-4319-8E86-78B4D93BF93B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5029C4F9-67C9-4630-BEF9-2AFCD0CE3FDC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D184A292-9C94-4B89-8B18-993122291E02}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{85300B71-C5EC-4EFB-B957-4102BA784C15}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2CF20C1-AE88-4498-A533-0F225346B153}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29D418AE-29E6-417C-BEE1-01D39E06D6B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C89B5C8C-6CE6-4DCF-93A3-6DE6CA243B9E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63FB1851-8D7F-48D7-96D5-E8229731844B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A81C5618-10D9-4578-B012-1EEA2E1DE759}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E501B7D6-CF99-4067-B251-4D3E79E15B56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5C1B3D2-CB27-41E3-8C0A-CCBE3FA72618}] => (Allow) C:\Users\Aldo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D06E43A7-8128-48E3-BD66-6492CDAA8C8C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E2D86333-8B86-45D8-866E-11EB9FEF4CA1}] => (Allow) C:\Users\Aldo\AppData\Local\Temp\7zS728E\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{E61E4F5A-E5D2-4C43-A15D-EBB2E961E2C4}] => (Allow) C:\Users\Aldo\AppData\Local\Temp\7zS728E\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{A25894E2-446D-45CD-BF6A-4645B5E53F1E}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{80CF3E87-9DD9-4219-9F6A-C8271A5BC85B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)

==================== Puntos de Restauración =========================

25-04-2021 16:02:59 {7ae07e8c-2ec3-4337-a362-0da2883225f2}
28-04-2021 12:29:45 Operación de restauración
08-05-2021 19:33:22 Installed HP Scan Extended

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

addition (part 2)

==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/09/2021 12:34:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80004005).

Error: (05/09/2021 11:44:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/08/2021 09:20:45 PM) (Source: NVNetworkService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/08/2021 09:20:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/08/2021 09:14:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MBAMService.exe, versión: 3.2.0.943, marca de tiempo: 0x5fbd5689
Nombre del módulo con errores: ntdll.dll, versión: 6.1.7601.24545, marca de tiempo: 0x5e0eb67f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000032ad4
Id. del proceso con errores: 0x2018
Hora de inicio de la aplicación con errores: 0x01d7445e28db2607
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Ruta de acceso del módulo con errores: C:\Windows\SYSTEM32\ntdll.dll
Id. del informe: 599d7d58-b06c-11eb-8932-78843cb2a9d4

Error: (05/08/2021 07:33:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina ConvertStringSidToSid(S-1-5-21-1562237412-835404634-1912169428-1000.bak). HR = 0x80070539, La estructura del identificador de seguridad no es válida.
.


Operación:
   Evento OnIdentify
   Recopilando datos del escritor

Contexto:
   Contexto de ejecución: Shadow Copy Optimization Writer
   Id. de clase del escritor: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Nombre del escritor: Shadow Copy Optimization Writer
   Id. de instancia del escritor: {210e85fb-eba1-4447-8332-a2af0a85b78d}

Error: (05/08/2021 07:01:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa HPDiagnosticCoreUI.exe, versión 5.6.0.12, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 2234

Hora de inicio: 01d744662c24907f

Hora de finalización: 31

Ruta de acceso de la aplicación: C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe

Identificador de informe:

Error: (05/08/2021 03:52:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa firefox.exe, versión 88.0.0.7775, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1b6c

Hora de inicio: 01d744442fcc8987

Hora de finalización: 0

Ruta de acceso de la aplicación: C:\Program Files\Mozilla Firefox\firefox.exe

Identificador de informe: 522f4a9b-b03f-11eb-8932-78843cb2a9d4


Errores del sistema:
=============
Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/09/2021 03:59:35 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.


Windows Defender:
================
Date: 2014-10-30 20:55:43.233
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{09E2FBFB-3D23-4BAC-BBB0-F84FEBE4B943}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:ASDFGHJKL\Aldo

Date: 2014-10-30 20:55:30.706
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{96F6FF88-6952-4EB4-BD7E-93D16F7A3273}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:ASDFGHJKL\Aldo

Date: 2016-04-23 14:54:39.460
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2016-04-14 13:32:31.286
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-01-18 01:25:07.878
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Información de la memoria =========================== 

BIOS: INSYDE R0240Z8 01/06/2012
Placa base: Sony Corporation VAIO
Procesador: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Porcentaje de memoria en uso: 52%
RAM física total: 8173.86 MB
RAM física disponible: 3869.8 MB
Virtual total: 16345.86 MB
Virtual disponible: 12519.22 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:454.87 GB) (Free:124.38 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB) 

\\?\Volume{f9f795db-6150-11e1-a002-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
\\?\Volume{f9f795da-6150-11e1-a002-806e6f6e6963}\ (Recovery) (Fixed) (Total:10.79 GB) (Free:1.1 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B878DD9A)
Partition 1: (Not Active) - (Size=10.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Hello, @unnicknamed

:+1: We will probably end up having to fall back on FRST… But first I want you to use a couple more tools…, since I know they will make certain malware detections.

:one: MALWARE SEARCH / REMOVAL

Carry out the steps below, without changing their order, and follow them to the letter:

Connect all your external devices (every external hard drive you have, USB drives, etc.).

0) Download ESET Online Scanner (User Manual) and run a scan of the PC; read the instructions carefully and run a Custom Scan exactly as described in its manual. Bring me its report.

1) Download Kaspersky Virus Removal Tool (User Manual) and run a scan of the PC; read the instructions carefully and run it exactly as described in its manual. This tool does not produce a report; when it finishes, click the Report tab as shown in its manual, take a screenshot and upload it.

How do I upload images to the forum?

:two: PRÓXIMA RESPUESTA

Pegas los reportes de Eset Online Scaner y Kasperky Virus Removal Tool (captura) y comentas como va el PC.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo:

  • No realices pasos/acciones que NOSOTROS no te hayamos indicado.
  • No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
  • No instales NADA (programas/software/complementos/extensiones del navegador…).
  • No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…).
  • No realices por tu cuenta otros procedimientos.
  • Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

:warning: Muy Importante :warning: Coloca los diferentes reportes que te he pedido como se muestra en la siguiente imagen:

Salu2.

eset

10/05/2021 22:53:13 p.m.
Archivos explorados: 1019945
Archivos detectados: 27
Archivos desinfectados: 25
Tiempo total de exploración 06:41:05
Estado de la exploración: Finalizado
C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.0_43917.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.4_44847.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.5_45272.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.5_45312.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.5_45416.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.5_45597.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.10.5_45785.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.8.2_30182.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.8.2_30332.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.1_30739.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.1_30889.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.1_31141.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.1_31396.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.2_32128.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.2_34026.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.2_34312.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.2_34947.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.2_37755.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.3_40299.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.3_40761.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.5_41373.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.6_42095.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\AppData\Roaming\BitTorrent\updates\7.9.7_42331.exe	una variante de Win32/uTorrent.C aplicación potencialmente no deseada	desinfectado por eliminación

C:\Documents and Settings\Aldo\Descargas\PS_AIO_07_D110_USW_Full_Win_WW_140_126-4.exe	una variante de Win32/Adware.Coupons.AA aplicación	desinfectado por eliminación

C:\Program Files\AVAST Software\Avast\setup\asw1FDD.tmp	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll.DEL	Win32/HackTool.Crack.FE aplicación potencialmente no segura	desinfectado por eliminación

KVRT: tomorrow

OK :+1: @unnicknamed, bring the KVRT one as soon as you can. Then tell me how the initial problem for which you opened this topic is going.

Upload these two files to VirusTotal; for that I recommend you follow the VirusTotal Manual:

C:\Program Files\AVAST Software\Avast\setup\asw1FDD.tmp
C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe

I am almost certain these are two false positives detected by ESET. You use AVAST as your resident antivirus protection, don't you? Right?

Bring those VirusTotal links and the KVRT log, answer my question about AVAST, and we will continue.

Regards.

Yes, I use Avast,

KVR (I see 2 reports from today, but both say the same thing)

The problem is still the same: the double accent and the hijack.

Upload the links to the files.

Regards.

I could not restore them from quarantine, but I found them manually in the folder anyway; I don't know whether that is good or bad. https://www.virustotal.com/gui/file/6bd8c1ef706ee9733ae2805e848e32be1e3b6ebb2ebf69e9e4f6a829c0d735c5/detection

https://www.virustotal.com/gui/file/9fd5fea99882b8687e03f6945ba10c3a7848770835c791f74d0201d1446c65c1/detection

Hello @unnicknamed,

One of those files is indeed the one I asked for; the other is not. In any case, for now, and only for now, we will leave them there.

1) Download, install and run ZHP Cleaner following its manual; download it from here, install it and run it. When it finishes, remove everything it finds.

Paste the ZHP Cleaner report and tell me how the initial problem for which you opened this topic is going. Also answer the questions I have asked you in this post, if I asked any; if not, then no need.

IMPORTANT NOTE

Please, while we are disinfecting your machine or finishing up:

  • Do not carry out steps/actions that WE have not told you to.
  • Do not download ANYTHING from the Internet and/or connect external devices to your computer.
  • Do not install ANYTHING (programs/software/add-ons/browser extensions…).
  • Do not run other security programs (antivirus, antimalware, ANTI-ANYTHING…).
  • Do not carry out other procedures on your own.
  • Use your computer EXCLUSIVELY to disinfect it following our instructions.

:warning: Very Important :warning: Post the reports I have asked for as shown in the following image:

Regards.

Sorry, I did scan both, but I think I made a mistake when copying the link.

ZHP Cleaner

~ ZHPCleaner v2021.5.6.294 by Nicolas Coolman (2021/05/06)
~ Run by Aldo (Administrator)  (13/05/2021 13:26:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Type : Reparar
~ Report : C:\Users\Aldo\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Aldo\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (57)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (22)
MOVIDO carpeta: C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences    =>Préférences Chromium
MOVIDO carpeta: C:\Users\Aldo\AppData\Roaming\56tg4rfedcxs.exe    =>Adware.Pirrit
MOVIDO carpeta: C:\Users\Aldo\AppData\Roaming\inst.exe    =>Adware.Pirrit
MOVIDO carpeta: C:\Users\Aldo\AppData\Roaming\trbfvedcsx.exe    =>Adware.Pirrit
MOVIDO carpeta: C:\ProgramData\InstallMate\{88D56910-22E1-4AF7-A81C-6AC353364BE6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup]  =>Adware.Tarma
MOVIDO carpeta: C:\ProgramData\InstallMate\{88D56910-22E1-4AF7-A81C-6AC353364BE6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library]  =>Adware.Tarma
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\background.js    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\defaults.json    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\icon128.png    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\icon16.png    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\icon32.png    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\icon48.png    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\listen.js    =>Riskware.FlashPlayer
MOVIDO carpeta: C:\Users\Aldo\AppData\Local\Chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0\manifest.json    =>Riskware.FlashPlayer
MOVIDO archivo: C:\Users\Aldo\AppData\Local\chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk  =>Riskware.FlashPlayer
MOVIDO archivo: C:\Users\Aldo\AppData\Local\chromium\User Data\Default\Local Extension Settings\ilghikgbapocohbodgkkemghiegioilk  =>Riskware.FlashPlayer
MOVIDO archivo: C:\Users\Aldo\AppData\Roaming\PDAppFlex  =>Trojan.Elpman
MOVIDO archivo: C:\ProgramData\InstallMate  =>Adware.Tarma
MOVIDO archivo: C:\Users\Aldo\AppData\Local\PackageAware  =>.SUP.BearShare
MOVIDO archivo: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVIDO archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
MOVIDO archivo: C:\Users\Aldo\AppData\Local\chromium\User Data\Default\Extensions\ilghikgbapocohbodgkkemghiegioilk\14.4.402.278_0  =>Riskware.FlashPlayer


---\\  Registro ( Claves, Valores, Datos) (9)
BORRADOS clave*: HKCU\Software\undefined [AdditionalScan 149]  =>.SUP.Downloader
BORRADOS clave*: [X64] HKLM\SOFTWARE\Classes\com.adobe.f4v [MPEG-4 Video for Flash Player]  =>Riskware.FlashPlayer
BORRADOS clave*: [X64] HKLM\SOFTWARE\Classes\com.adobe.flv [FLV Video for Flash Player]  =>Riskware.FlashPlayer
BORRADOS clave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E2B61AFCFABE94988497BB49FCBB38 [C:\Program Files\Common Files\Autodesk Shared\GIS\ImportExport\10.0\tcl_library\textutil\string.tcl (Not File)]  =>PUP.Optional.Manager
BORRADOS clave^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier []  =>Riskware.FlashPlayer
BORRADOS clave^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater []  =>Riskware.FlashPlayer
BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Auslogics []  =>SUP.Optional.Auslogics
BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX [Adobe]  =>Riskware.FlashPlayer
BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe]  =>Riskware.FlashPlayer


---\\  Resumen de elementos en su estación de trabajo (10)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/2017/02/25/adware-pirrit/  =>Adware.Pirrit
https://nicolascoolman.eu/2017/09/09/adware-tarma/  =>Adware.Tarma
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/  =>Riskware.FlashPlayer
https://nicolascoolman.eu/2017/09/23/trojan-elpman/  =>Trojan.Elpman
https://nicolascoolman.eu/2017/09/15/sup-bearshare/  =>.SUP.BearShare
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/12/22/sup-downloader/  =>.SUP.Downloader
https://nicolascoolman.eu/forum/Topic/manager-logiciel-potentiellement-indesirable-pup-lpi/  =>PUP.Optional.Manager
https://nicolascoolman.eu/forum/Topic/auslogics-logiciel-potentiellement-superflu-lps/  =>SUP.Optional.Auslogics


---\\ Limpieza adicional. (12)
~ Clave de registro Tracing borrados (12)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ Opera Stable OK
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 3336
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 9/17


---\\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto
~ Iniciar navegadores con extensiones eliminadas





~ End of clean in 00h00mn34s

---\\  Reporte (2)
ZHPCleaner-[S]-13052021-13_22_13.txt
ZHPCleaner-[R]-13052021-13_26_43.txt

After the scan, it opened about 15 browser tabs. Is that normal? The manual doesn't say.

The accent problem continues, and so does the browser hijack (it keeps creating the uFunTwit extension).

Hello @unnicknamed,

OK, don't worry, it's fine. We will take care of these later.

As for ZHPCleaner >> it did what it was supposed to do :+1: and will have saved me some work.

I don't think what you describe is normal.

But obviously, since your machine still has several infections, even though it is not normal, it is normal for things like this to happen on an infected machine.

:+1: As I said:

In any case, along the way we have already removed several infections and carried out certain procedures that will make analysing the FRST logs go faster and take somewhat less time than usual.

So we will launch/use FRST; do everything I tell you in this post:

Bring both logs; post them the way you already :+1: know.

Regards.

Well, well, so we're back to message 1 of 34 :laughing:

FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 15-05-2021
Ejecutado por Aldo (administrador) sobre GO8TREUBXZIFGAB (Sony Corporation VPCEG33FL) (15-05-2021 13:52:16)
Ejecutado desde C:\Users\Aldo\Desktop
Perfiles cargados: Aldo
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Communications Inc. -> Atheros Communications) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications Inc. -> Atheros) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Brio) [Archivo no firmado] C:\Program Files (x86)\FolderSize\FolderSizeSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\OfficeClickToRun.exe.bak
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe <2>
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications Inc. -> Atheros Communications) [Archivo no firmado]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1859936 2016-01-22] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation -> Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-30] (Adobe Inc. -> Adobe)
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {25276d0c-40f6-11e2-8faa-642737a64170} - D:\LGAutoRun.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {584bb54d-38d3-11e3-a095-b284bff2cb28} - D:\iStudio.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {d81eb27d-9d7d-11eb-bebc-78843cb2a9d4} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {e0a0c50a-97c6-11ea-a042-642737a64170} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\AvastSS.scr [53208 2016-08-26] (AVAST Software a.s. -> AVAST Software)
HKU\S-1-5-21-1562237412-835404634-1912169428-501\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3425224 2016-10-25] (ACD Systems International -> ) [Archivo no firmado]
HKLM\...\Windows x64\Print Processors\hpfpp101: C:\Windows\System32\spool\prtprocs\x64\hpfpp101.dll [254464 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\hpf3l101.dll: C:\Windows\system32\hpf3l101.dll [138752 2009-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {07218E67-94EC-49BD-9F8D-FD74EDC0DDD3} - System32\Tasks\{23578398-CEE3-4500-8F93-C4C06972AE1D} => C:\Users\Aldo\Desktop\PSCS5 Portatil - DR\Photoshop.exe
Task: {08F212B8-70A1-4F6B-895C-4E153B53495B} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {100331D9-3FB3-4C2D-9A07-B0F26F3D948D} - System32\Tasks\{2BF43F67-32DF-4A5A-8988-FA39239EAB06} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\polarr\download\File-Install-v9.7.exe -d C:\Users\Aldo\Descargas\polarr\download
Task: {142739EE-AE28-444E-A2A0-7FA5D42594F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-30] (Adobe Inc. -> Adobe)
Task: {154CB94D-8D60-4144-87D2-C033315619FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1812EB85-1B27-42C8-BE2C-EB1EFBB2FFFD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158576 2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F658DF4-FE2A-4DFD-89F9-1B895D923C4C} - System32\Tasks\AdobeAAMUpdater-1.0-ASDFGHJKL-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {25A74874-363E-4460-B1A2-15483EF9D769} - System32\Tasks\Microsoft\Windows\SyncCenter\Microsoft.Windows.Diasfer => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe "C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll"
Task: {2721EA1C-E758-47B7-92B6-087CB5107DB3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2763992 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {28497E92-B1A3-4429-8CDD-DF250D0CC772} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {28FB978E-DCF9-4F02-AE99-C6050D5651C8} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {31D3D4B5-F97C-4034-8B0E-4026BCCE7314} - System32\Tasks\AdobeGCInvoker-1.0-GO8TREUBXZIFGAB-Aldo => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {379A8A07-D95F-4F96-ACA9-A481041D90C2} - System32\Tasks\{4F1A3F2A-2AA1-4FFB-B58B-A5E183659637} => C:\Users\Aldo\Descargas\Visor De Imagenes.exe
Task: {3F6C8733-DC87-4C02-86EB-E910C5CBB446} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158776 2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {48803084-CD88-4ACA-BFB7-75DE0E51612F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038176 2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D411BF1-DF99-4B6C-BE08-7E847AEAD2FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-22] (Google Inc -> Google LLC)
Task: {58139403-57D2-463F-A174-5970933FBF2A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {5914574B-26DA-46FE-9464-3EB883ACAEE6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {59A9F6D5-236C-4FC4-9EBE-FDFD0B8AAB43} - System32\Tasks\{FC3FEF76-2881-462C-B5AC-B3774E271C3A} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE -d C:\Users\Aldo\AppData\Local\Temp\GLF3130 <==== ATENCIÓN
Task: {6363BBAC-B862-4B56-8500-F3B973E6FB61} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {67C5692C-28EC-482D-861F-1F8650097854} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {71D6BB13-F89C-4B0A-9A3B-BDD75346A386} - System32\Tasks\{BA17A1DD-2763-49F9-8DCE-B6397E127B7D} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview452_plugins_setup.exe -d C:\Users\Aldo\Descargas
Task: {79532CA8-28D9-404B-946C-061B309306DE} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [401544 2012-02-20] (Sony Corporation -> Sony Corporation)
Task: {847CCEF9-5555-4F26-8549-03DAB3D8EE52} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
Task: {8F6905C2-A15D-47E8-B036-25951187A0D2} - System32\Tasks\{31F2A9BA-BF3E-4C68-88BC-5777112F6D26} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENCIÓN
Task: {90C36FC5-3029-4498-AD70-D398F835A1DD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158576 2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {97CCC851-40C6-4ACE-8027-1A35FEFABE81} - System32\Tasks\AdobeAAMUpdater-1.0-GO8TREUBXZIFGAB-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {99AF2EE3-5DDB-47F7-B6C9-F1B848E03D25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {AAB7DE02-1698-4A7A-91CA-97514C1EF342} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AAF01E43-1CC1-4536-A884-54937F26F2EE} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {AE7C164F-97F3-4D74-A793-B791567F2503} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158776 2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFB46529-85D0-4CE0-BFAD-634FF13EEA23} - System32\Tasks\{22D7371E-AECB-41B1-96AB-CE80CFCDF506} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\irfanview_shell_extension_plugin.exe -d C:\Users\Aldo\Descargas
Task: {B77D358E-7036-4D08-8464-F8316E94E2FE} - System32\Tasks\{BFFD73B5-61B9-48C9-AD84-F64419BC92E3} => C:\Users\Aldo\Desktop\PSCS5 Portatil - DR\Photoshop.exe
Task: {B893CD57-CDCA-471A-B19D-0415D8AB33E4} - System32\Tasks\{8157F1F6-4665-4392-8091-34C7A793D43E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\FolderSize\FolderSize.cpl"
Task: {B91F949E-E8E7-4A3E-92EE-56093750FC1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-22] (Google Inc -> Google LLC)
Task: {B94374C6-3F67-4862-9EA0-7066B7A0B655} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613240 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1F73762-3A89-480F-B5BE-62FE5B54CBFF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {C2BDA6F3-5D7A-40C5-B236-8025A0F65CBA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {CA875230-6BF5-4D57-90A8-601E4520BA62} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DD0218E2-F7BC-4BAF-9FFA-3A8A5EB7B2E1} - System32\Tasks\{10A77AFA-BD4B-4ED9-B7C8-07AC6456B258} => C:\Users\Aldo\Descargas\Visor De Imagenes.exe
Task: {DD949016-18C1-433C-A376-8E8AF9414539} - System32\Tasks\AdobeAAMUpdater-1.0-IvanAlvarez-Aldo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DF76A6A6-1824-4D50-844D-5C21D4A387BC} - System32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe"
Task: {E084A3E1-CC69-45C3-8623-57C1D09C01A3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E8639695-129D-4FA1-8422-643625F1CE97} - System32\Tasks\{56A5FCAC-197F-42B4-AE49-B78B35AD7B1F} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview442\iv_uninstall.exe -d C:\Users\Aldo\Descargas\iview442
Task: {F2EA5373-20C0-4592-A817-5767B3DEAF36} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-30] (Adobe Inc. -> Adobe)
Task: {FCCE8CD0-8E36-4425-9D91-2E12FD0E96BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24613240 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\User_Feed_Synchronization-{CDA866C6-9F26-4257-AC19-286EF4EFD98B}.job => C:\Windows\system32\msfeedssync.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{87564972-9E5A-4321-8257-4943BE219920}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{D5E0AFEC-74F9-4011-85D9-BD44B2B0867B}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF DefaultProfile: d3722gw7.default
FF ProfilePath: C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default [2021-05-08]
FF Extension: (Ant Video downloader) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2021-02-17]
FF Extension: (SCDL SoundCloud Downloader) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (uBlock Origin) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2021-03-01]
FF Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\[email protected] [2020-10-16] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Video DownloadHelper) - C:\Users\Aldo\AppData\Roaming\Mozilla\Firefox\Profiles\d3722gw7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-30] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-30] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-07] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-07] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-1562237412-835404634-1912169428-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-13]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-05-03]
CHR DownloadDir: C:\Users\Aldo\Descargas
CHR HomePage: Profile 2 -> www.google.com
CHR StartupUrls: Profile 2 -> "www.google.com"
CHR Extension: (Polarr Photo Editor) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2019-12-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-04-28]
CHR Extension: (New XKit) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inobiceghmpkaklcknpniboilbjmlald [2020-09-27] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATENCIÓN
CHR Extension: (TumTaster) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2019-10-22]
CHR Extension: (Image DNA) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nifmhaejjafapjonfiidojfddmpndkmc [2016-08-12]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-28]
CHR Extension: (Better History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-28]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-05-15]
CHR Notifications: Profile 3 -> hxxps://www15a.willianpadilla.pro
CHR HomePage: Profile 3 -> www.google.com
CHR StartupUrls: Profile 3 -> "www.google.com"
CHR Extension: (Presentaciones) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-22]
CHR Extension: (Documentos) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-22]
CHR Extension: (Google Drive) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (MEGA) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-04-28]
CHR Extension: (Search and Replace) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2019-09-25]
CHR Extension: (YouTube) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-22]
CHR Extension: (Enhanced History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpnkmdkoapbdhpmemnaikpbhajknmdb [2019-10-19]
CHR Extension: (Dark Reader) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2021-04-23]
CHR Extension: (Hojas de cálculo) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-22]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-19]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (New XKit) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\inobiceghmpkaklcknpniboilbjmlald [2020-09-27] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATENCIÓN
CHR Extension: (Video Blocker) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2019-09-25]
CHR Extension: (Video DownloadHelper) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-03-04]
CHR Extension: (Morpheon Dark) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2021-05-03]
CHR Extension: (Save Image As PNG) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2021-05-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Profile: C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-30] (Adobe Inc. -> Adobe)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-01-10] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros Communications Inc. -> Atheros) [Archivo no firmado]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [338632 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137448 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communications Inc. -> Atheros Communication Inc.) [Archivo no firmado]
R2 FolderSize; C:\Program Files (x86)\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [Archivo no firmado]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2012-03-11] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-03-25] () [Archivo no firmado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Archivo no firmado]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc. -> ArcSoft, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2017-07-14] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [483384 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469488 2019-09-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-05-19] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [12032 2010-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U4 dmwappushservice; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) (Lista blanca) =========

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-15 13:52 - 2021-05-15 13:53 - 000039388 _____ C:\Users\Aldo\Desktop\FRST.txt
2021-05-15 13:52 - 2021-05-15 13:52 - 000000000 ____D C:\Users\Aldo\Desktop\FRST-OlderVersion
2021-05-13 13:26 - 2021-05-13 13:26 - 000007200 _____ C:\Users\Aldo\Desktop\ZHPCleaner (R).txt
2021-05-13 13:22 - 2021-05-13 13:22 - 000008019 _____ C:\Users\Aldo\Desktop\ZHPCleaner (S).txt
2021-05-13 13:14 - 2021-05-13 13:26 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\ZHP
2021-05-13 13:14 - 2021-05-13 13:14 - 003327128 _____ (Nicolas Coolman) C:\Users\Aldo\Desktop\ZHPCleaner.exe
2021-05-13 13:14 - 2021-05-13 13:14 - 000000000 ____D C:\Users\Aldo\AppData\Local\ZHP
2021-05-11 21:07 - 2021-05-11 21:07 - 038336463 _____ C:\Users\Aldo\Desktop\colorchart.pdf
2021-05-10 23:02 - 2021-05-11 17:51 - 000000000 ____D C:\KVRT2020_Data
2021-05-10 23:00 - 2021-05-10 23:01 - 103461688 _____ (AO Kaspersky Lab) C:\Users\Aldo\Desktop\KVRT.exe
2021-05-10 22:53 - 2021-05-10 22:59 - 000010164 _____ C:\Users\Aldo\Desktop\eset.txt
2021-05-10 16:04 - 2021-05-12 16:51 - 000001201 _____ C:\Users\Aldo\Desktop\ESET Online Scanner.lnk
2021-05-10 16:04 - 2021-05-10 16:04 - 000000000 ____D C:\Users\Aldo\AppData\Local\ESET
2021-05-09 14:47 - 2021-05-09 14:49 - 000002963 _____ C:\Users\Aldo\Desktop\malwarebytes.txt
2021-05-08 21:27 - 2021-05-08 21:27 - 000002535 _____ C:\Users\Aldo\Desktop\HP Scan Extended.lnk
2021-05-08 19:27 - 2021-05-08 19:27 - 000000000 ___RD C:\Users\Aldo\Documents\Scanned Documents
2021-05-08 19:27 - 2021-05-08 19:27 - 000000000 ____D C:\Users\Aldo\Documents\Fax
2021-05-03 21:53 - 2021-05-03 21:53 - 000069838 _____ C:\Users\Aldo\Documents\cc_20210503_215347.reg
2021-05-03 21:48 - 2021-05-03 21:48 - 000002706 _____ C:\Users\Aldo\Desktop\AdwCleaner[C00].txt
2021-05-03 21:34 - 2021-05-03 21:47 - 000000000 ____D C:\AdwCleaner
2021-05-03 18:15 - 2021-05-03 18:15 - 000001920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-03 18:15 - 2021-05-03 18:15 - 000000000 ____D C:\Users\Aldo\AppData\Local\mbam
2021-05-03 18:12 - 2021-05-03 18:12 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-05-03 18:10 - 2021-05-03 18:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-03 18:10 - 2021-05-03 18:09 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-05-03 18:01 - 2021-05-03 18:01 - 000000138 _____ C:\Users\Aldo\Documents\cc_20210503_180116.reg
2021-05-03 17:07 - 2021-05-15 13:31 - 000000000 ____D C:\Program Files\CCleaner
2021-05-03 17:07 - 2021-05-13 13:35 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-03 17:07 - 2021-05-03 17:07 - 000002820 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-03 17:07 - 2021-05-03 17:07 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-03 17:07 - 2021-05-03 17:07 - 000000782 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-03 17:07 - 2021-05-03 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-03 17:04 - 2021-05-03 17:05 - 008534696 _____ (Malwarebytes) C:\Users\Aldo\Desktop\adwcleaner_8.2.exe
2021-05-01 15:38 - 2021-05-01 15:38 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-04-28 18:50 - 2021-04-28 18:50 - 000036743 _____ C:\Users\Aldo\Documents\tumblrtheme.txt
2021-04-28 15:59 - 2021-05-14 22:18 - 000000000 ___HD C:\ProgramData\Akamudg
2021-04-28 14:42 - 2021-04-28 14:45 - 000000267 _____ C:\DelFix.txt
2021-04-28 14:42 - 2021-04-28 14:42 - 000000000 ____D C:\Windows\ERUNT
2021-04-27 23:57 - 2021-04-27 23:57 - 000797760 _____ C:\Users\Aldo\Desktop\delfix.exe
2021-04-27 23:50 - 2021-05-15 13:52 - 000000000 ____D C:\FRST
2021-04-27 23:49 - 2021-05-15 13:52 - 002299392 _____ (Farbar) C:\Users\Aldo\Desktop\FRST64.exe
2021-04-25 16:26 - 2021-05-03 16:56 - 000003214 _____ C:\Windows\system32\Tasks\{2BF43F67-32DF-4A5A-8988-FA39239EAB06}
2021-04-25 15:57 - 2021-04-25 15:58 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\XkhcPoUSquhmmwkpiqevsTMaaECRFZXbMcWIjRruDyeTfRBoMdTBaiUtnVelFejqo
2021-04-25 15:56 - 2021-04-25 15:56 - 000000000 ____D C:\Windows\PublicGaming
2021-04-18 21:48 - 2021-04-18 21:48 - 000000000 ____D C:\Users\Aldo\Documents\IrfanView Sandbox

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2021-05-15 13:53 - 2017-05-09 14:43 - 000089752 _____ C:\Windows\ZAM.krnl.trace
2021-05-15 13:53 - 2017-05-09 14:43 - 000063338 _____ C:\Windows\ZAM_Guard.krnl.trace
2021-05-15 13:41 - 2009-07-13 23:45 - 000032384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-15 13:41 - 2009-07-13 23:45 - 000032384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-15 13:39 - 2016-04-14 00:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-15 13:38 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-05-15 13:36 - 2012-02-27 10:21 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-15 13:36 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2021-05-15 13:30 - 2014-07-15 20:29 - 000000000 ____D C:\Users\Aldo\AppData\Local\Adobe
2021-05-15 13:24 - 2018-05-30 22:12 - 000000000 ____D C:\Users\Aldo\AppData\Local\AVAST Software
2021-05-15 13:22 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2021-05-15 13:20 - 2012-02-27 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-15 13:20 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-14 23:43 - 2019-08-13 15:21 - 015776768 _____ C:\Users\Aldo\AppData\Local\SageThumbs.db3
2021-05-14 14:31 - 2012-06-02 18:59 - 000000000 ___RD C:\Users\Aldo\Descargas
2021-05-13 17:14 - 2019-01-11 19:40 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-12 17:19 - 2012-06-20 14:42 - 000000000 ____D C:\Users\Aldo\AppData\Local\CrashDumps
2021-05-12 16:38 - 2017-05-19 01:03 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-12 16:33 - 2019-09-22 16:12 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-10 17:32 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2021-05-09 00:54 - 2019-01-27 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-05-08 21:30 - 2014-01-18 00:53 - 000007625 _____ C:\Users\Aldo\AppData\Local\resmon.resmoncfg
2021-05-08 21:20 - 2020-08-10 12:50 - 010556200 _____ C:\Windows\system32\FNTCACHE.DAT
2021-05-08 19:34 - 2012-06-09 11:20 - 000000000 ____D C:\Users\Aldo\AppData\Local\HP
2021-05-08 19:34 - 2012-06-02 18:59 - 000308192 _____ C:\Users\Aldo\AppData\Local\GDIPFONTCACHEV1.DAT
2021-05-08 19:33 - 2012-06-09 11:06 - 000000000 ____D C:\Program Files (x86)\HP
2021-05-08 19:20 - 2019-01-27 17:21 - 000228529 _____ C:\Windows\hpoins46.dat
2021-05-08 19:12 - 2012-06-09 11:13 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\HpUpdate
2021-05-08 18:59 - 2012-06-09 11:03 - 000000000 ____D C:\ProgramData\HP
2021-05-08 18:56 - 2019-01-27 04:01 - 000002291 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-05-08 18:56 - 2019-01-27 04:01 - 000002291 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2021-05-08 15:52 - 2019-12-02 01:13 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-08 14:56 - 2017-01-05 21:16 - 000000000 ____D C:\Users\Aldo\AppData\LocalLow\Mozilla
2021-05-04 21:37 - 2019-08-12 15:51 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\vlc
2021-05-03 18:21 - 2012-02-27 11:38 - 000748254 _____ C:\Windows\system32\perfh00A.dat
2021-05-03 18:21 - 2012-02-27 11:38 - 000159694 _____ C:\Windows\system32\perfc00A.dat
2021-05-03 18:21 - 2009-07-14 00:13 - 001679378 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-03 18:16 - 2017-05-09 15:51 - 000001871 _____ C:\Users\Aldo\Desktop\Malwarebytes.lnk
2021-05-03 18:06 - 2016-09-18 00:43 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2021-05-03 17:17 - 2013-08-13 13:32 - 000000000 ____D C:\ProgramData\VSO
2021-05-03 17:17 - 2012-10-21 14:11 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\BitTorrent
2021-05-03 17:15 - 2014-01-04 23:47 - 000000000 ___DC C:\Users\Aldo\AppData\Local\MigWiz
2021-05-03 17:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\ModemLogs
2021-05-03 17:10 - 2013-04-02 13:06 - 000000000 ____D C:\Temp
2021-05-03 16:56 - 2020-10-04 18:00 - 000003148 _____ C:\Windows\system32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014}
2021-05-03 16:56 - 2020-05-30 16:59 - 000004290 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-05-03 16:56 - 2019-09-22 16:10 - 000003470 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-03 16:56 - 2019-09-22 16:10 - 000003342 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-03 16:56 - 2019-01-22 18:29 - 000003180 _____ C:\Windows\system32\Tasks\{22D7371E-AECB-41B1-96AB-CE80CFCDF506}
2021-05-03 16:56 - 2019-01-22 18:28 - 000003160 _____ C:\Windows\system32\Tasks\{BA17A1DD-2763-49F9-8DCE-B6397E127B7D}
2021-05-03 16:56 - 2019-01-11 19:41 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-05-03 16:56 - 2018-11-06 16:24 - 000004504 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-05-03 16:56 - 2018-06-17 01:39 - 000003470 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0-GO8TREUBXZIFGAB-Aldo
2021-05-03 16:56 - 2016-11-29 21:53 - 000003176 _____ C:\Windows\system32\Tasks\{56A5FCAC-197F-42B4-AE49-B78B35AD7B1F}
2021-05-03 16:56 - 2016-09-19 22:12 - 000003106 _____ C:\Windows\system32\Tasks\{8157F1F6-4665-4392-8091-34C7A793D43E}
2021-05-03 16:56 - 2016-07-13 14:41 - 000003352 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-13 14:41 - 000003216 _____ C:\Windows\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-08 12:48 - 000003374 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-07-08 12:48 - 000003238 _____ C:\Windows\system32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1562237412-835404634-1912169428-1000
2021-05-03 16:56 - 2016-05-21 15:00 - 000003514 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-GO8TREUBXZIFGAB-Aldo
2021-05-03 16:56 - 2015-12-03 19:48 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-05-02 15:53 - 2017-05-23 18:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-29 18:41 - 2019-03-27 17:21 - 000000000 ___RD C:\Users\Aldo\Desktop\respuestas
2021-04-28 13:40 - 2012-06-02 18:58 - 000000000 ____D C:\Users\Aldo
2021-04-28 13:30 - 2020-03-10 14:41 - 000000000 ____D C:\Program Files\Bulk Rename Utility
2021-04-28 13:30 - 2017-10-06 10:56 - 000000000 ____D C:\Users\TEMP
2021-04-28 13:30 - 2012-09-23 21:32 - 000000000 ____D C:\Users\Invitado
2021-04-28 13:30 - 2012-06-08 18:02 - 000000000 ____D C:\Program Files (x86)\Atheros WiFi Driver Installation
2021-04-28 13:30 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Msdtc
2021-04-27 15:54 - 2018-11-06 13:16 - 000000033 _____ C:\Users\Aldo\AppData\Roaming\AdobeWLCMCache.dat
2021-04-25 17:06 - 2012-10-21 13:31 - 000000000 ____D C:\Users\Aldo\AppData\Local\ElevatedDiagnostics

==================== Archivos en la raíz de algunos directorios ========

2012-12-02 11:48 - 2019-01-29 19:03 - 000000132 _____ () C:\Users\Aldo\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2012-06-22 21:26 - 2020-10-09 21:22 - 000000132 _____ () C:\Users\Aldo\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-11-06 13:16 - 2021-04-27 15:54 - 000000033 _____ () C:\Users\Aldo\AppData\Roaming\AdobeWLCMCache.dat
2013-04-20 21:23 - 2013-06-13 17:43 - 000000082 _____ () C:\Users\Aldo\AppData\Roaming\MultiFill Prefs
2013-08-13 13:33 - 2015-02-15 17:43 - 000007859 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.cat
2013-08-13 13:33 - 2015-02-15 17:43 - 000001167 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.inf
2013-08-13 13:33 - 2015-02-15 17:43 - 000000055 _____ () C:\Users\Aldo\AppData\Roaming\pcouffin.log
2013-08-13 13:33 - 2015-02-15 17:43 - 000082816 _____ (VSO Software) C:\Users\Aldo\AppData\Roaming\pcouffin.sys
2018-01-27 17:38 - 2018-01-27 17:41 - 000018432 ___SH () C:\Users\Aldo\AppData\Roaming\Thumbs.db
2012-07-15 11:02 - 2012-07-15 11:02 - 000011583 _____ () C:\Users\Aldo\AppData\Roaming\UserTile.png
2012-06-10 15:57 - 2020-06-20 13:01 - 000001456 _____ () C:\Users\Aldo\AppData\Local\Adobe Save for Web 12.0 Prefs
2020-10-10 22:31 - 2021-04-02 21:58 - 000003584 _____ () C:\Users\Aldo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-27 21:49 - 2019-01-27 21:49 - 000003879 _____ () C:\Users\Aldo\AppData\Local\recently-used.xbel
2014-01-18 00:53 - 2021-05-08 21:30 - 000007625 _____ () C:\Users\Aldo\AppData\Local\resmon.resmoncfg
2019-08-13 15:21 - 2021-05-14 23:43 - 015776768 _____ () C:\Users\Aldo\AppData\Local\SageThumbs.db3
2018-11-20 23:58 - 2018-11-20 23:58 - 002440206 _____ () C:\Users\Aldo\AppData\Local\[j0003]-[p28].bmp
2019-02-19 17:23 - 2019-02-19 17:23 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0004]-[p38].bmp
2019-02-19 17:28 - 2019-02-19 17:28 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0005]-[p20].bmp
2018-11-04 17:39 - 2018-11-04 17:39 - 002447334 _____ () C:\Users\Aldo\AppData\Local\[j0005]-[p24].bmp
2014-10-08 22:27 - 2014-10-08 22:27 - 000000000 _____ () C:\Users\Aldo\AppData\Local\{1E13123C-2396-45C9-8A43-2F2C211D9081}
2017-01-30 18:10 - 2017-01-30 18:10 - 000000000 _____ () C:\Users\Aldo\AppData\Local\{EFB99F78-F5E5-4F0A-A95B-108184896408}

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2021-05-13 13:09
==================== Final de FRST.txt ========================

addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 15-05-2021
Ejecutado por Aldo (15-05-2021 13:53:43)
Ejecutado desde C:\Users\Aldo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-02 23:58:57)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1562237412-835404634-1912169428-500 - Administrator - Disabled)
Aldo (S-1-5-21-1562237412-835404634-1912169428-1000 - Administrator - Enabled) => C:\Users\Aldo
HomeGroupUser$ (S-1-5-21-1562237412-835404634-1912169428-1007 - Limited - Enabled)
Invitado (S-1-5-21-1562237412-835404634-1912169428-501 - Limited - Enabled) => C:\Users\Invitado

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
abrMate version 1.1 (HKLM-x32\...\abrMate_is1) (Version: 1.1 - )
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.0.0.839 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Ant Video downloader (Native messaging host) (HKLM-x32\...\{73CE6109-2EA1-4EF8-9C30-B56E05C200E4}) (Version: 4.9 - Ant.com)
Apple Application Support (32 bits) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7D606B87-0AEB-4C27-ABCE-1138EE09777B}) (Version: 13.0.0.41 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.484 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Autodesk SketchBook Copic Edition (HKLM-x32\...\{1A574D80-0A3B-4DE0-8748-739BABD8BFAD}) (Version: 2.02.0000 - Autodesk)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
BitTorrent (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\BitTorrent) (Version: 7.10.5.45967 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 3.3.1.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
CLIP STUDIO 1.9.4 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.9.4 - CELSYS)
CLIP STUDIO MODELER 1.9.1 (HKLM-x32\...\{1B6FE598-3814-4076-90DC-7E76823AE7A0}) (Version: 1.9.1 - CELSYS)
CLIP STUDIO PAINT 1.9.4 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.9.4 - CELSYS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.50 - Conexant)
Corel Painter 12 - IPM (HKLM\...\{AC6FC993-CCD1-41A5-B61C-AD61F90549BE}) (Version: 12.4 - Corel Corporation) Hidden
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DesignDoll (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\a94d3e1b3ab3bea6) (Version: 1.4.0.0 - Terawell)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version:  - )
dupeGuru 4.0.4 (HKLM\...\dupeGuru) (Version: 4.0.4 - Hardcoded Software)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FaceGen Modeller 3.4 Free (HKLM-x32\...\{05156799-4EC3-4885-864E-E190A429B307}) (Version: 3.4.0 - Singular Inversions Inc.)
Folder Size (HKLM-x32\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
GrampsAIO64 (HKLM\...\GrampsAIO64 5.0.1) (Version: 5.0.1 - The Gramps project)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Scan Extended (HKLM-x32\...\{11338856-1974-4B3C-ACBC-9F98A8FF79FD}) (Version: 35.0.0.0 - Hewlett-Packard Co.)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
iMazing 2.10.6.0 (HKLM\...\iMazing_is1) (Version: 2.10.6.0 - DigiDNA)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Manual de VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12527.21912 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (es-MX) (HKLM-x32\...\{BE94188A-CA4F-4AC7-A1B3-52D37882C30D}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (es-ES, Helena) (HKLM-x32\...\{8A732901-9531-4CC2-8D5B-9CBA1D8DE4FD}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (es-MX, Hilda) (HKLM-x32\...\{01C2594B-FA78-4C33-A9B7-6090A5EF7E90}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notion 2.0.11 (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.11 - Notion Labs, Incorporated)
Notion 2.0.9 (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\{fcdf0d7f-424b-5f10-a1c7-a8f643f21adf}) (Version: 2.0.9 - Notion Labs, Incorporated)
NVIDIA Controlador de 3D Vision 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 269.73 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 269.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 269.73 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA nView 136.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.02 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.12.0507 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0507 - NVIDIA Corporation)
Oasis2Service 1.0 (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.0 - DDNi)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21912 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21912 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.21912 - Microsoft Corporation) Hidden
OOBE (HKLM-x32\...\{18894D16-5448-4BF9-A128-F7E937322F91}) (Version: 11.2.1.10 - Sony Corporation)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)
Sculptris Alpha 6 (HKLM-x32\...\{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic) Hidden
Sculptris Alpha 6 (HKLM-x32\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version:  - Microsoft)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.25-5 - Wacom Technology Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.362 - Microsoft Corporation)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs)
Topaz B&W Effects (HKLM-x32\...\{B7EB8FB7-F89E-480B-952D-813F413653BE}) (Version: 1.1.0 - Topaz Labs) Hidden
Topaz Clean 3 (HKLM-x32\...\{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (HKLM-x32\...\{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM-x32\...\{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz Fusion Express 2 (HKLM-x32\...\{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}) (Version: 2.1.1 - Topaz Labs) Hidden
Topaz InFocus (HKLM-x32\...\{5BDEA9E0-E55B-45A7-93F7-6B8F68F851E5}) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Lens Effects (HKLM-x32\...\{6E07CF4B-A9EB-45BF-BE74-613B3D708E13}) (Version: 1.2.0 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM-x32\...\{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}) (Version: 3.2.1 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs)
Topaz Simplify 3 (HKLM-x32\...\{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Simplify 3 (HKLM-x32\...\Topaz Simplify 3) (Version: 3.0.2 - Topaz Labs)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs)
Transferencias VAIO (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Messenger (HKLM-x32\...\{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF}) (Version: 2.0.118.0 - DDNi) Hidden
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.5 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.0.09010 - Sony Corporation)
VAIO Satisfaction Survey. (HKLM-x32\...\VAIO Satisfaction Survey.3.0) (Version: 3.0 - Sony Electronics Inc.)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version:  - Media Converters)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (HKLM-x32\...\{A49A517F-5332-4665-922C-6D9AD31ADD4F}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2011.4 - URSoft, Inc.)
Zoom (HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\ZoomUMX) (Version: 5.2.3 (45120.0906) - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1562237412-835404634-1912169428-1000_Classes\CLSID\{2bc833fd-0ec6-468c-90c4-e1b75adf9d29}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1562237412-835404634-1912169428-1000_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [IrfanViewShellExt] -> {C835F12F-DD15-4294-B245-954A877D778A} => C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll [2019-01-22] (Irfan Skiljan) [Archivo no firmado]
ContextMenuHandlers1: [IZArcCM] -> {3BBAC0AD-8227-3462-C8EF-A36794DD8CD2} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2011-02-28] () [Archivo no firmado]
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2017-05-09] (CherubicSoft) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-04-29] (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2019-10-17] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [IZArcCM] -> {3BBAC0AD-8227-3462-C8EF-A36794DD8CD2} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2011-02-28] () [Archivo no firmado]
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nView\nvshell.dll [2011-09-07] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-01-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Akamudg\Nmzm\1E204270"
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\asdfghjkl - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Aldo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Módulos cargados (Lista blanca) =============

2010-03-25 20:07 - 2010-03-25 20:07 - 000032256 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspUpdate.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 000046592 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\DdniCore.dll
2016-05-10 19:28 - 2015-12-19 15:36 - 000253952 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll
2012-06-05 17:51 - 2011-02-28 08:39 - 000211456 _____ () [Archivo no firmado] C:\Program Files (x86)\IZArc\IZArcCM64.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000013824 _____ () [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2012-02-27 10:07 - 2011-02-14 01:15 - 001892352 _____ (Apache Software Foundation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000019104 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000044192 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BPP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000047776 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BTBIP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000182944 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000109728 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\GOEP.DLL
2011-04-29 18:19 - 2011-04-29 18:19 - 000084640 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2011-04-29 18:19 - 2011-04-29 18:19 - 000122528 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 002235040 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000076448 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\PhoneBook.DLL
2011-04-29 18:20 - 2011-04-29 18:20 - 000080544 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000130720 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sesmgr.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000434336 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000044704 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\sim.DLL
2011-04-29 18:20 - 2011-04-29 18:20 - 000067232 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
2011-04-29 18:20 - 2011-04-29 18:20 - 000029856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [Archivo no firmado] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2012-06-08 18:02 - 2011-07-01 16:24 - 000114688 _____ (Atheros Communications, Inc.) [Archivo no firmado] C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-08 18:02 - 2011-07-01 16:24 - 000269824 _____ (Atheros Communications, Inc.) [Archivo no firmado] c:\program files (x86)\atheros wifi driver installation\athihvwpap2p.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000475648 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000716288 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\sqlite3.dll
2010-03-25 20:07 - 2010-03-25 20:07 - 000249344 _____ (Digital Delivery Networks, Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\DDNi\Oasis2Service 1.0\AspX3.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2012-02-27 09:53 - 2010-11-06 00:51 - 000032768 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\es-ES\IAStorIcon.resources.dll
2012-02-27 09:53 - 2010-11-06 00:51 - 000004608 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\es-ES\IntelVisualDesign.resources.dll
2012-02-27 09:53 - 2010-11-06 00:50 - 001109504 _____ (Intel Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2012-02-27 10:07 - 2011-02-14 01:15 - 000069632 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2020-03-11 21:20 - 2020-03-11 21:20 - 000475648 _____ (Intel Corporation) [Archivo no firmado] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e4da073bd55348a8691e5f02377b263b\IAStorUtil.ni.dll
2019-01-22 18:29 - 2019-01-22 18:29 - 000167424 _____ (Irfan Skiljan) [Archivo no firmado] C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll
2019-01-22 20:00 - 2019-01-22 20:00 - 000113664 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2019-01-22 20:00 - 2019-01-22 20:00 - 001654784 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2016-01-31 15:46 - 2016-01-22 21:54 - 001186352 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Archivo no firmado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000096768 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000018432 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000109568 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll
2012-02-27 10:22 - 2011-03-04 18:05 - 000192512 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000089600 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000301568 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000225280 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000084992 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000079360 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000062464 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000108032 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000056832 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000071168 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2012-02-27 10:24 - 2011-03-05 17:42 - 000035840 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll
2012-02-27 10:10 - 2011-01-22 16:15 - 000122880 _____ (Sony Corporation) [Archivo no firmado] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 001519104 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfl340.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 000256000 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfle340.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [402]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => AutoCADScriptFile
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Versión 11) (Lista blanca) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://prodigy.msn.com/es-mx/?pc=UE12&ocid=UE12DHP
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.mx/
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Sin Nombre -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Ningún archivo
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-22] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\sharepoint.com -> hxxps://azcuammx-files.sharepoint.com

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 21:34 - 2020-10-04 17:46 - 000001468 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
127.0.0.1		activation.alienskin.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1562237412-835404634-1912169428-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CleanupPSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: ose64 => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupreg: ACDSeeCommanderUltimate10 => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
MSCONFIG\startupreg: ACUW10EN => "C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: TuneupUI.exe => "C:\Program Files\Avast Software\Cleanup\TuneupUI.exe" /nogui

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{583A698D-AA90-4269-989B-1349AFAD35CE}] => (Allow) E:\setup\hpznui40.exe => Ningún archivo
FirewallRules: [{A53D53B6-8678-430C-808D-D977086E6866}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C122B600-27BF-4629-A9B3-384D5A0DFE34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{FF96FD1F-7B86-4B3B-8D60-A5C119C94D46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F531373-56AA-41DF-BF56-B88290CA2063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{64AA662F-D8BB-421C-B0DE-860EF0F0AFF4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{98A240A7-F081-41F9-88C7-36F1B5C596D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{388A002A-D2C4-4926-9C9E-934D6EEC2506}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0B0BF5DF-0C15-4CA8-AA06-7EB7A1187A1A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C8931744-749C-4AC4-9F2E-B23F12E0738A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{006FCD80-4742-4CAC-BBDD-5670BDF156B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C0744849-BAAE-45BA-8171-B7B844F1AFEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{31FAA7B8-85AE-4681-8FBC-09A156E82259}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{F4974079-78BC-40CD-82A9-3FC0AEB9BC30}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe => Ningún archivo
FirewallRules: [{5C1A7645-6E3B-4B7C-AAA6-6289FA7CA16C}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe (Atheros Communications Inc. -> Atheros Communication Inc.) [Archivo no firmado]
FirewallRules: [{5A8A5859-6CEC-4C2F-8CE2-A3BD25254DA5}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{9EE50C97-DC36-442D-94E8-A176A5135510}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{CC26CA53-FBB1-4B7D-899B-B22BA119D020}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{5B911A3E-C8FF-48CD-9648-AA532B325C32}] => (Allow) C:\Users\Aldo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6B9F5E06-FEC1-4C9D-96D9-BE5EF769EAC0}] => (Allow) C:\Users\Aldo\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CBD71500-5334-4BB2-B544-DA1DEF2FF4F2}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{7D8BDD9B-6C89-47DB-BF84-9BC21A91A337}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{FAC6F437-3A69-4065-8C61-06686A0FBEF9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{800859AB-23F6-40AF-8FBC-FF8159F73A89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5A01B999-0711-4751-9CA6-E8E9AD039A67}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE938C0D-0DA2-46F0-AB44-CC4CFC7F5CD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E14FF000-3043-41F6-9C1B-C3BCA805F3BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47B428FF-7909-496F-BA9F-1E09B7AA2F08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A97AE12-723D-49CD-AE36-16BF781A5E42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DAD55F8-6DB0-46BB-B0A4-93528097FD30}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1DCA7D1-4C1C-40DA-8E0F-E54188E3D54E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{907E6D5B-95B3-4E25-8CB9-BA65D7F2782C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [Archivo no firmado]
FirewallRules: [{D6608A8E-0F7B-4EC3-AC33-DC18F805F08C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{5A99B11A-1F2A-4540-A69B-5BE30AF817F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04EA5B00-C6CF-41A3-BA7E-05C652C41A44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9750E767-839F-4461-8CF0-95A5946BAC6F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{8FFCBDD6-35CD-4AC7-9D47-1FD3049F169D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [Archivo no firmado]
FirewallRules: [{BF02B680-7ADF-4B8C-B2FA-5F91C1E1C303}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C3CED67-7D4A-4D6A-A85D-561ADC9BC9DC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4BBE1F0A-1492-4319-8E86-78B4D93BF93B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5029C4F9-67C9-4630-BEF9-2AFCD0CE3FDC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{D184A292-9C94-4B89-8B18-993122291E02}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{85300B71-C5EC-4EFB-B957-4102BA784C15}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2CF20C1-AE88-4498-A533-0F225346B153}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29D418AE-29E6-417C-BEE1-01D39E06D6B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C89B5C8C-6CE6-4DCF-93A3-6DE6CA243B9E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63FB1851-8D7F-48D7-96D5-E8229731844B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A81C5618-10D9-4578-B012-1EEA2E1DE759}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E501B7D6-CF99-4067-B251-4D3E79E15B56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5C1B3D2-CB27-41E3-8C0A-CCBE3FA72618}] => (Allow) C:\Users\Aldo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E2D86333-8B86-45D8-866E-11EB9FEF4CA1}] => (Allow) C:\Users\Aldo\AppData\Local\Temp\7zS728E\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{E61E4F5A-E5D2-4C43-A15D-EBB2E961E2C4}] => (Allow) C:\Users\Aldo\AppData\Local\Temp\7zS728E\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{A25894E2-446D-45CD-BF6A-4645B5E53F1E}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{80CF3E87-9DD9-4219-9F6A-C8271A5BC85B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{5FDC26D9-62D8-4553-9508-CCB4068D8781}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

25-04-2021 16:02:59 {7ae07e8c-2ec3-4337-a362-0da2883225f2}
28-04-2021 12:29:45 Operación de restauración
08-05-2021 19:33:22 Installed HP Scan Extended

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VBoxAsw Support Driver
Description: VBoxAsw Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: VBoxAswDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/15/2021 01:39:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/15/2021 01:20:36 PM) (Source: NVNetworkService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/15/2021 01:20:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/14/2021 09:39:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80004005).

Error: (05/14/2021 12:57:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80004005).

Error: (05/13/2021 01:31:16 PM) (Source: NVNetworkService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/13/2021 01:31:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/13/2021 12:57:24 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Un problema impidió que los datos del Programa para la mejora de la experiencia del usuario se enviaran a Microsoft, (error 80004005).

addition 2.0

Errores del sistema:
=============
Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.

Error: (05/15/2021 01:56:52 PM) (Source: cdrom) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\CdRom0.


Windows Defender:
================
Date: 2014-10-30 20:55:43.233
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{09E2FBFB-3D23-4BAC-BBB0-F84FEBE4B943}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:ASDFGHJKL\Aldo

Date: 2014-10-30 20:55:30.706
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{96F6FF88-6952-4EB4-BD7E-93D16F7A3273}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:ASDFGHJKL\Aldo

Date: 2016-04-23 14:54:39.460
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2016-04-14 13:32:31.286
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

Date: 2014-01-18 01:25:07.878
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Información de la memoria =========================== 

BIOS: INSYDE R0240Z8 01/06/2012
Placa base: Sony Corporation VAIO
Procesador: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Porcentaje de memoria en uso: 53%
RAM física total: 8173.86 MB
RAM física disponible: 3839.01 MB
Virtual total: 16345.86 MB
Virtual disponible: 12526.27 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:454.87 GB) (Free:117.63 GB) NTFS
Drive e: () (CDROM) (Total:0 GB) (Free:0 GB) 

\\?\Volume{f9f795db-6150-11e1-a002-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
\\?\Volume{f9f795da-6150-11e1-a002-806e6f6e6963}\ (Recovery) (Fixed) (Total:10.79 GB) (Free:1.1 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B878DD9A)
Partition 1: (Not Active) - (Size=10.8 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.9 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

OK. Give me some time to analyze those logs, since they are rather long. You will have it in two or three days.

I take it you still want my help, right? I ask because of this comment of yours:

I don't find it funny at all, since your machine is infected and you have drivers, services and parts of the system that are damaged or unstable.

Also, I saw that you opened this other thread:

And the problem you are having may be due to one of these causes I already mentioned:

your machine is infected and you have drivers, services and parts of the system that are damaged or unstable.

Let's carry on and you'll see that we'll get everything fixed. I only ask for a little patience.

Tell me how you want us to proceed and we'll continue.

Regards.

It was a reference to The Office :cry: because after all that we are back at the beginning and all the programs detect the same virus :sob:

Ah, that was to find out whether anyone had a similar problem with fiber optic, but the reinstallation and update were months ago, not while I was following your instructions

I hope

Hello @unnicknamed

First of all, sorry for taking so long to reply. A promise is a promise, so…

:zero: QUESTIONS

Did you install, or do you recognize, the following software:

R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-05-09] (Zemana Ltd. -> Zemana Ltd.)

Did you install, or do you recognize, the following extensions:

CHR Extension: (Enhanced History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpnkmdkoapbdhpmemnaikpbhajknmdb [2019-10-19]
CHR Extension: (Better History) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\obciceimmggglbmelaidpjlmodcebijb [2017-06-07]
CHR Extension: (New XKit) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\inobiceghmpkaklcknpniboilbjmlald [2020-09-27] [UpdateUrl:hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATENCIÓN
CHR Extension: (Image DNA) - C:\Users\Aldo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nifmhaejjafapjonfiidojfddmpndkmc [2016-08-12]

Do you recognize the following programs:

Bulk Rename Utility 3.3.1.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version:  - TGRMN Software)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version:  - Media Converters)
CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATENCIÓN
Ant Video downloader (Native messaging host) (HKLM-x32\...\{73CE6109-2EA1-4EF8-9C30-B56E05C200E4}) (Version: 4.9 - Ant.com)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)

:one: UNINSTALLING PROGRAMS

For the programs where I tell you that you can remove them, do it like this:

Uninstall them with Revo Uninstaller in its Advanced Mode. To do so, follow the program-uninstallation part of its manual.

Remove all the programs that Revo finds. Only the ones I will indicate below.

They would be the following:

Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.3.2011.4 - URSoft, Inc.)

These must end up completely uninstalled.

:one: Now you must make a BACKUP OF THE REGISTRY. To do so:

  • Restart the computer in Normal Mode.

  • Download DelFix to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator.)

  • Check only the Create registry backup box, and make sure the rest are not selected.

  • Click Run.

The report (DelFix.txt) will open; you can close it. But keep it in case I ask for it or it is needed in the future.

Next, CLOSE ALL PROGRAMS, go to Start >> Run and type Notepad.exe

  • Now copy and paste the code/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
File: C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll;C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE
File: C:\Users\Aldo\AppData\Local\SageThumbs.db3;C:\Users\Aldo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Users\Aldo\AppData\Local\GDIPFONTCACHEV1.DAT;C:\Windows\hpoins46.dat;C:\Program Files (x86)\IZArc\IZArcCM64.dll;c:\program files (x86)\atheros wifi driver installation\athihvwpap2p.dll;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll;C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll;C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll;C:\Program Files (x86)\SageThumbs\64\sqlite3.dll;C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e4da073bd55348a8691e5f02377b263b\IAStorUtil.ni.dll;C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll;C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL;C:\Users\Aldo\AppData\Local\SageThumbs.db3;C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll;C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
VirusTotal: C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll;C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE
VirusTotal: C:\Users\Aldo\AppData\Local\SageThumbs.db3;C:\Users\Aldo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini;C:\Users\Aldo\AppData\Local\GDIPFONTCACHEV1.DAT;C:\Windows\hpoins46.dat;C:\Program Files (x86)\IZArc\IZArcCM64.dll;c:\program files (x86)\atheros wifi driver installation\athihvwpap2p.dll;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll;C:\Program Files (x86)\Atheros WiFi Driver Installation\AthIhvWlanExt.dll;C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll;C:\Program Files (x86)\SageThumbs\64\sqlite3.dll;C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e4da073bd55348a8691e5f02377b263b\IAStorUtil.ni.dll;C:\Program Files (x86)\IrfanView\Shell Extension\IrfanViewShellExt64.dll;C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL;C:\Users\Aldo\AppData\Local\SageThumbs.db3;C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll;C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
Folder: C:\Program Files\Bulk Rename Utility
Folder: C:\Windows\ModemLogs
Folder: C:\Users\Aldo\Documents\IrfanView Sandbox
Folder: C:\Program Files (x86)\StoryMessage\RxotVogump
Folder: C:\Users\Aldo\AppData\Local\Temp\GLF3130
Folder: C:\ProgramData\Akamudg
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {25276d0c-40f6-11e2-8faa-642737a64170} - D:\LGAutoRun.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {584bb54d-38d3-11e3-a095-b284bff2cb28} - D:\iStudio.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {d81eb27d-9d7d-11eb-bebc-78843cb2a9d4} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\...\MountPoints2: {e0a0c50a-97c6-11ea-a042-642737a64170} - D:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {25A74874-363E-4460-B1A2-15483EF9D769} - System32\Tasks\Microsoft\Windows\SyncCenter\Microsoft.Windows.Diasfer => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe "C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll"
Task: {59A9F6D5-236C-4FC4-9EBE-FDFD0B8AAB43} - System32\Tasks\{FC3FEF76-2881-462C-B5AC-B3774E271C3A} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE -d C:\Users\Aldo\AppData\Local\Temp\GLF3130 <==== ATENCIÓN
Task: {71D6BB13-F89C-4B0A-9A3B-BDD75346A386} - System32\Tasks\{BA17A1DD-2763-49F9-8DCE-B6397E127B7D} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview452_plugins_setup.exe -d C:\Users\Aldo\Descargas
Task: {8F6905C2-A15D-47E8-B036-25951187A0D2} - System32\Tasks\{31F2A9BA-BF3E-4C68-88BC-5777112F6D26} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATENCIÓN
Task: {AFB46529-85D0-4CE0-BFAD-634FF13EEA23} - System32\Tasks\{22D7371E-AECB-41B1-96AB-CE80CFCDF506} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\irfanview_shell_extension_plugin.exe -d C:\Users\Aldo\Descargas
Task: {DF76A6A6-1824-4D50-844D-5C21D4A387BC} - System32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe"
Task: {E8639695-129D-4FA1-8422-643625F1CE97} - System32\Tasks\{56A5FCAC-197F-42B4-AE49-B78B35AD7B1F} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\Descargas\iview442\iv_uninstall.exe -d C:\Users\Aldo\Descargas\iview442
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => no encontrado
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Ningún archivo]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
FF Plugin HKU\S-1-5-21-1562237412-835404634-1912169428-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Ningún archivo]
CHR Notifications: Profile 3 -> hxxps://www15a.willianpadilla.pro
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <no encontrado>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
U4 dmwappushservice; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
2021-04-28 15:59 - 2021-05-14 22:18 - 000000000 ___HD C:\ProgramData\Akamudg
2021-04-25 15:57 - 2021-04-25 15:58 - 000000000 ____D C:\Users\Aldo\AppData\Roaming\XkhcPoUSquhmmwkpiqevsTMaaECRFZXbMcWIjRruDyeTfRBoMdTBaiUtnVelFejqo
2018-01-27 17:38 - 2018-01-27 17:41 - 000018432 ___SH () C:\Users\Aldo\AppData\Roaming\Thumbs.db
CustomCLSID: HKU\S-1-5-21-1562237412-835404634-1912169428-1000_Classes\CLSID\{49E0BE0A-39E0-4932-B7BE-F249D56ACD31}\InprocServer32 -> csp16.dll => Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Ningún archivo
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Akamudg\Nmzm\1E204270"
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [402]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1562237412-835404634-1912169428-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1562237412-835404634-1912169428-501 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Sin Nombre -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Ningún archivo
MSCONFIG\Services: gupdate => 2
FirewallRules: [{583A698D-AA90-4269-989B-1349AFAD35CE}] => (Allow) E:\setup\hpznui40.exe => Ningún archivo
FirewallRules: [{F4974079-78BC-40CD-82A9-3FC0AEB9BC30}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe => Ningún archivo
C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll
C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE
C:\Users\Aldo\AppData\Local\Temp\GLF3130
C:\Users\Aldo\AppData\Local\Temp\jre-8u77-windows-au.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END

Save it with the name FIXLIST.TXT on your desktop (VERY IMPORTANT), because otherwise the SCRIPT will not work; both files (FRST.exe and FIXLIST.TXT) must be located on the DESKTOP.

:warning: The repair script above is customized for the specific machine it was made for and was written specifically by a Staff member. If you have a similar problem, please open your own thread to receive personalized and specific help. Using scripts made for other systems can cause serious damage to your computer.

Finally (NOTE: in NORMAL MODE):

  1. Run FRST.exe again (if you use Windows Vista/7/8 or 10, right-click and select Run as Administrator).

  2. Click Fix/Corregir and wait for the process to finish. Do not do anything with the PC while it is carrying out these repairs, even if it appears to have frozen. Do not touch it; just wait.

  3. When it finishes, the file FIXLOG.TXT will be created on the DESKTOP; bring it in your next reply. Also, tell me how things went with the extension.

  4. Restart the computer in Normal Mode, check how it runs for a while, and tell me how the problem you originally reported is going.

:warning: Very Important :warning: Post the report I asked for as shown in the following image:

Regards.
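The fixlist in the post above mixes several kinds of persistence entries; the following added example (not part of the original thread and not FRST code) sorts a few of its lines by mechanism so each can be reviewed on its own. The sample lines are copied from the fixlist; the rule names and the functions `triage` and `touches` are assumptions made for this illustration.

```python
import re

# Sample input: lines copied verbatim from the fixlist posted above.
FRST_LINES = r'''
ShortcutWithArgument: C:\Users\Aldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Akamudg\Nmzm\1E204270"
Task: {59A9F6D5-236C-4FC4-9EBE-FDFD0B8AAB43} - System32\Tasks\{FC3FEF76-2881-462C-B5AC-B3774E271C3A} => C:\Windows\system32\pcalua.exe -a C:\Users\Aldo\AppData\Local\Temp\GLF3130\TROUBL~1.EXE -d C:\Users\Aldo\AppData\Local\Temp\GLF3130 <==== ATENCIÓN
Task: {25A74874-363E-4460-B1A2-15483EF9D769} - System32\Tasks\Microsoft\Windows\SyncCenter\Microsoft.Windows.Diasfer => C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe "C:\Program Files (x86)\StoryMessage\RxotVogump\Wdfeb_Msnag410f.dll"
Task: {DF76A6A6-1824-4D50-844D-5C21D4A387BC} - System32\Tasks\{3B7FF47C-F9D1-4FD0-B093-EFD5B8827014} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Digital Editions 2.0\uninstall.exe"
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [402]
'''.strip().splitlines()


def _task_action(line):
    """Return the command a 'Task:' line runs (the text after '=>')."""
    return line.split("=>", 1)[1].strip() if "=>" in line else ""


def triage(lines):
    """Classify FRST log lines by persistence mechanism.

    Returns a list of (rule, detail) tuples. A finding means "review this
    entry", not "this entry is malicious".
    """
    findings = []
    for raw in lines:
        line = raw.strip()
        if line.startswith("ShortcutWithArgument:"):
            # A browser shortcut that side-loads an unpacked extension on launch.
            m = re.search(r'--load-extension="?([^"]+)"?', line)
            if m:
                findings.append(("shortcut-load-extension", m.group(1)))
        elif line.startswith("Task:"):
            action = _task_action(line)
            if re.search(r"\\AppData\\Local\\Temp\\", action, re.I):
                # Scheduled task whose target lives in the user's Temp folder.
                findings.append(("task-runs-from-temp", action))
            elif re.search(r'\\RegSvcs\.exe\s+"?.+\.dll', action, re.I):
                # Scheduled task that hands a DLL to the signed RegSvcs.exe.
                findings.append(("task-regsvcs-dll", action))
        elif line.startswith("WMI:") and "CommandLineEventConsumer->" in line:
            # WMI event consumer that runs a command when its filter fires.
            m = re.search(r"\[CommandLineTemplate => ([^\]]+)\]", line)
            findings.append(("wmi-commandline-consumer", m.group(1) if m else ""))
        elif line.startswith("AlternateDataStreams:"):
            # NTFS alternate data stream: "<path>:<stream> [<size in bytes>]".
            m = re.match(r"AlternateDataStreams: (.+):([^:\[]+) \[(\d+)\]$", line)
            if m:
                detail = f"{m.group(1)}:{m.group(2)} ({m.group(3)} bytes)"
                findings.append(("alternate-data-stream", detail))
    return findings


def touches(findings, root):
    """Return the findings whose detail references a path under `root`."""
    return [f for f in findings if root.lower() in f[1].lower()]


if __name__ == "__main__":
    results = triage(FRST_LINES)
    for rule, detail in results:
        print(f"{rule:26} {detail}")
    # The folder the fixlist removes is also the one the shortcut loads from.
    print(touches(results, r"C:\ProgramData\Akamudg"))
```

The fourth sample line, a `pcalua.exe` task pointing at an uninstaller under Program Files, matches no rule and serves as the negative control.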